CN100458740C - Recording system and method, recording device and method, input device and method, reproduction system and method, reproduction device and method, recording medium, and program - Google Patents



Publication number
CN100458740C
Authority
CN
China
Prior art keywords
content
bus
equipment
protected
protection information
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CNB2003801001340A
Other languages
Chinese (zh)
Other versions
CN1685322A (en)
Inventor
千秋进
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sony Corp
Original Assignee
Sony Corp
Application filed by Sony Corp
Publication of CN1685322A
Application granted
Publication of CN100458740C
Anticipated expiration
Expired - Fee Related

Classifications

    • G11B20/00115 Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving measures which result in a restriction to authorised record carriers wherein the record carrier stores a unique medium identifier
    • G06F12/14 Protection against unauthorised use of memory or access to memory
    • G09C1/00 Apparatus or methods whereby a given sequence of signs, e.g. an intelligible text, is transformed into an unintelligible sequence of signs by transposing the signs or groups of signs or by replacing them by others according to a predetermined system
    • G11B20/00086 Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
    • G11B20/00094 Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving measures which result in a restriction to authorised record carriers
    • G11B20/0021 Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier
    • G11B20/00347 Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier the cryptographic key used for encryption and/or decryption of contents recorded on or reproduced from the record carrier being read from a specific source wherein the key is stored on the record carrier wherein the medium identifier is used as a key
    • G11B20/00507 Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier characterised by a specific kind of data which is encrypted and recorded on and/or reproduced from the record carrier wherein content or user data is encrypted wherein consecutive physical data units of the record carrier are encrypted with separate encryption keys, e.g. the key changes on a cluster or sector basis
    • G11B20/00543 Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier characterised by a specific kind of data which is encrypted and recorded on and/or reproduced from the record carrier wherein external data is encrypted, e.g. for secure communication with an external device or for encrypting content on a separate record carrier
    • G11B20/10 Digital recording or reproducing
    • H04L9/0836 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key using tree structure or hierarchical structure
    • H04L9/3273 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response for mutual authentication
    • H04L2209/60 Digital content management, e.g. content distribution

Abstract

The present invention relates to a recording system and method, a recording apparatus and method, an input device and method, a playback system and method, a playback apparatus and method, a recording medium, and a program in which content can be flexibly protected according to whether or not the content should be protected. When mutual authentication is conducted with an AV board 112 by a mutual authentication unit 121 and when the content input into the mutual authentication unit 121 is encrypted with a common key, an input/output controller 122 determines that the content to be input via a bus 113 is to be protected on the bus 113. The input/output controller 122 then controls a recording/playback processor 123 to generate protection information '0', indicating that the content is to be protected on the bus 113, and records the generated protection information on an optical disc 141 together with the content. The present invention can be applied to an optical-disc recording/playback apparatus.

Description

Recording system and method, recording device and method, input device and method, playback system and method, playback device and method
Technical field
The present invention relates to a recording system and method, a recording device and method, an input device and method, a playback system and method, a playback device and method, a recording medium, and a program. More specifically, it relates to a recording system and method, a recording device and method, an input device and method, a playback system and method, a playback device and method, a recording medium, and a program in which content can be protected flexibly according to whether or not the content should be protected.
Background art
In a recording/playback apparatus (for example, a CD-RW drive), when content is recorded on a disc or read from a disc, the recording/playback operation must be controlled correctly in order to protect the content and prevent unauthorized copying.
For example, Published Japanese Translation of PCT International Application No. 2002-521789 discloses recording data on a disc, or reading data from a disc, using a data format made up of user data and user control data.
In such a data format, the user data is encrypted with a key that uses the disc ID unique to the disc, thereby preventing unauthorized copying of the content. Japanese Unexamined Patent Application Publication No. 2002-84271 discloses the recording/playback apparatus illustrated in Fig. 1.
In the example shown in Fig. 1, the recording/playback apparatus 1 is made up of a drive 11, an AV board 12, and a dedicated bus 13. The drive 11 includes a recording/playback processor 21, and the AV board 12 includes an AV content processor 31, a content protector 32, an input unit 33, and an output unit 34.
When an optical disc 41 is loaded, the recording/playback processor 21 obtains the disc ID unique to the optical disc 41 and the RKB (Renewal Key Block), and supplies them to the content protector 32 of the AV board 12 via the dedicated bus 13. The content protector 32 generates a key using the disc key obtained from the disc ID and the RKB, and stores the generated key.
The AV content processor 31 supplies copyrighted content (that is, content that should be protected) received by the input unit 33, for example an antenna, to the content protector 32. The content protector 32 encrypts the content with the prestored key, which was generated using the disc key obtained from the disc ID and the RKB, and supplies the encrypted content to the recording/playback processor 21 via the dedicated bus 13 as the content to be protected. The recording/playback processor 21 receives the encrypted content and records it on the optical disc 41.
The recording/playback processor 21 also reads predetermined encrypted content from the optical disc 41 and supplies it to the content protector 32 via the dedicated bus 13. The content protector 32 decrypts the encrypted content using the key generated from the disc key obtained from the disc ID and the RKB, and supplies the content to the AV content processor 31. The AV content processor 31 decodes the decrypted content according to, for example, MPEG (Moving Picture Experts Group) and plays it back. The output unit 34 outputs the played-back content.
As described above, because data is sent and received between the drive 11 and the AV board 12 over the dedicated bus 13 in the recording/playback apparatus 1, the content can be protected against outside access that uses the disc ID or the RKB.
As a modified example of the recording/playback apparatus 1 shown in Fig. 1, the recording/playback apparatus 51 shown in Fig. 2 can be considered. Components corresponding to those shown in Fig. 1 are given the same reference numerals, and their description is omitted. In the example shown in Fig. 2, the drive 11 and the AV board 12 are separated by a bus (general-purpose bus) 61, for example by a home LAN (Local Area Network).
Therefore, in the example shown in Fig. 2, because the disc ID and the RKB are sent directly onto the bus 61, there is a possibility that the disc ID and the RKB will be stolen. For example, when an HDD (hard disk drive) 71 is connected to the bus 61 to record content, the disc ID, the RKB, and the content encrypted with the disc key obtained from the disc ID and the RKB are picked up (monitored) from the bus 61 and copied to the HDD 71.
In the example shown in Fig. 2, the HDD 71 stores the disc ID of 16 B, the RKB of several MB, and the encrypted content of 20 GB that were sent to it as described above, together with a program of several KB. If the disc ID, the RKB, and the content encrypted with the disc key obtained from the disc ID and the RKB are supplied from the HDD 71 to the AV board 12, the AV board 12 can, undesirably, play back the content, because it cannot distinguish this content from content read from an authorized optical disc 41.
The following undesirable situation may arise: a "spoofing drive" or "spoofing program" that supplies the AV board 12 with the disc ID, the RKB, and the content encrypted with the disc key obtained from the disc ID and the RKB is distributed as an ordinary playback device or program.
Therefore, in the recording/playback apparatus 51, in which the drive 11 and the AV board 12 are separated by the bus 61, data can spread not only to authorized discs but also to unauthorized media such as the HDD 71.
For this reason, a recording/playback apparatus 81 that performs mutual authentication has been proposed, as shown in Fig. 3. In the example shown in Fig. 3, the drive 11 is provided with a mutual authentication unit 91, and the AV board 12 is provided with a mutual authentication unit 92. Once mutual authentication processing has been carried out between the two mutual authentication units 91 and 92, content can be sent and received encrypted with a common key shared by the drive 11 and the AV board 12.
Consequently, on an HDD 71 that has no mutual authentication function and is compatible with optical discs recorded by the recording/playback apparatus 1 or 51, even if the disc ID, the RKB, and the content encrypted with the disc key obtained from the disc ID and the RKB are copied, they cannot be decrypted, so that copying to the HDD 71 is essentially impossible. In this way, the "spoofing drive" or "spoofing program" described above can be prevented.
Recently, however, for the purpose of "superdistribution" (in which encrypted content is provided free of charge), or for the purpose of storing content on a PC (personal computer), there is a demand that content which does not have to be protected can be recorded or read on the bus 13 without being encrypted, so that the user is allowed to copy such content. On the other hand, content that needs to be protected must still be prevented from being copied.
At present, however, because the HDD 71 of an ordinary PC has no mutual authentication function, the recording/playback apparatus 81 not only protects specific content but also prevents the copying of content that does not need to be protected and only needs to be stored on the PC.
Summary of the invention
In view of the above background, an object of the present invention is to protect content flexibly according to whether the content needs to be protected.
In the recording system of the present invention, an input device includes determination means for determining whether input content needs to be protected, and a recording device includes recording means for recording the content on a recording medium together with protection information. The protection information indicates, based on the determination result obtained by the determination means, whether the content needs to be protected when it is transmitted on the bus. The recording means may record the protection information in predetermined units of the content. The predetermined unit may be 2048 bytes.
The recording device may further include encryption means for encrypting the content with the ID of the recording medium and a recording medium key when the determination means determines that the content is to be protected.
The recording device may further include encryption means for encrypting the content with at least the recording medium key of the recording medium when the determination means determines that the content is not to be protected.
Each of the input device and the recording device may further include authentication means for mutual authentication.
The input device may further include first encryption means for encrypting the content before it is sent to the bus when the determination means determines that the content needs to be protected. The recording device may further include second encryption means for encrypting the content before the recording means records it when the determination means determines that the content needs to be protected.
The first encryption means may prohibit the content from being encrypted before it is sent to the bus when the determination means determines that the content does not need to be protected.
In the first recording method of the present invention, an input device determines whether input content needs to be protected, and a recording device records the content on a recording medium together with protection information that indicates, based on the determination result, whether the content needs to be protected when it is transmitted on the bus.
The recording device of the present invention includes: authentication means for performing mutual authentication with a first device connected to the recording device via a bus; decryption means for decrypting content that is supplied from the first device via the bus and is encrypted with a first encryption method; and recording means for recording, on a recording medium, the content decrypted by the decryption means together with protection information indicating whether the content is to be protected when it is transmitted on the bus.
The recording device may further include encryption means for encrypting the decrypted content with a second encryption method. The encryption means may encrypt the decrypted content with the ID of the recording medium and a recording medium key.
When the content supplied from the first device via the bus is not encrypted with the first encryption method, the recording means may record the content together with protection information. The protection information indicates whether the content is protected when it is transmitted on the bus.
The second recording method of the present invention includes: an authentication step of performing mutual authentication with a first device connected to a recording device via a bus; a decryption step of decrypting encrypted content supplied from the first device via the bus; and a recording step of recording, on a recording medium, the content decrypted by the processing of the decryption step together with protection information indicating whether the content needs to be protected when it is transmitted on the bus.
The program of the first recording medium of the present invention includes: an authentication step of performing mutual authentication with a first device connected to a recording device via a bus; a decryption step of decrypting encrypted content supplied from the first device via the bus; and a recording step of recording, on a recording medium, the content decrypted by the processing of the decryption step together with protection information indicating whether the content needs to be protected when it is transmitted on the bus.
The first program of the present invention includes: an authentication step of performing mutual authentication with a first device connected to a recording device via a bus; a decryption step of decrypting encrypted content supplied from the first device via the bus; and a recording step of recording, on a recording medium, the content decrypted by the processing of the decryption step together with protection information indicating whether the content needs to be protected when it is transmitted on the bus.
The input device of the present invention includes: authentication means for performing mutual authentication with a recording device connected to the input device via a bus; first encryption means for encrypting input content with a first encryption method according to whether the content is to be protected when it is transmitted on the bus; and supply means for supplying the content encrypted by the first encryption means to the recording device via the bus.
The input device may further include second encryption means for encrypting, with a second encryption method, the content encrypted by the first encryption means.
One of the first encryption means and the second encryption means may encrypt the content with the ID of the recording medium and a recording medium key.
The input method of the present invention includes: an authentication step of performing mutual authentication with a recording device connected to the input device via a bus; an encryption step of encrypting input content according to whether the content is to be protected when it is transmitted on the bus; and a supply step of supplying the content encrypted by the processing of the encryption step to the recording device via the bus.
The program of the second recording medium of the present invention includes: an authentication step of performing mutual authentication with a recording device connected to the input device via a bus; an encryption step of encrypting input content according to whether the content is to be protected when it is transmitted on the bus; and a supply step of supplying the content encrypted by the processing of the encryption step to the recording device via the bus.
The second program of the present invention includes: an authentication step of performing mutual authentication with a recording device connected to the input device via a bus; an encryption step of encrypting input content according to whether the content is to be protected when it is transmitted on the bus; and a supply step of supplying the content encrypted by the processing of the encryption step to the recording device via the bus.
In the playback system of the present invention, a playback device includes: reading means for reading content and protection information from a recording medium, the protection information indicating whether the content is to be protected when it is transmitted on a bus; and transmission control means for controlling transmission of the content on the bus to an output device according to the protection information read by the reading means. The output device includes output means for outputting the content transmitted by the transmission control means to an external source.
The protection information may be recorded in predetermined units of the content, and the predetermined unit may be 2048 bytes.
The playback device may further include decoding means for decoding the content read by the reading means.
The playback device may further include authentication means for authenticating a device on the bus.
The playback device may further include encryption means for encrypting the content before it is sent to the bus when the protection information shows that the content needs to be protected when transmitted on the bus and the output device on the bus has been authenticated by the authentication means. The output device may further include first decryption means for decrypting the content encrypted by the encryption means.
The output device may further include second decryption means for decrypting, with the ID of the recording medium and a recording medium key, the content decrypted by the first decryption means.
When the protection information shows that the content is to be protected when transmitted on the bus and the device on the bus has not been authenticated by the authentication means, the transmission control means may prohibit the content from being transmitted to that device on the bus.
In the first playback method of the present invention, a playback device reads content and protection information from a recording medium, the protection information indicating whether the content is to be protected when it is transmitted on a bus, and controls transmission of the content on the bus to an output device according to the protection information that was read. The output device outputs the content transmitted by the playback device to an external source.
The playback device of the present invention includes: reading means for reading content and protection information from a recording medium, the protection information indicating whether the content is to be protected when it is transmitted on a bus; and output control means for controlling output of the content to a first device via the bus according to the protection information read by the reading means.
The protection information may be recorded in predetermined units of the content, and the predetermined unit may be 2048 bytes.
The playback device may further include authentication means for authenticating the first device and encryption means for encrypting the content. When the protection information shows that the content needs to be protected when transmitted on the bus and the first device has been authenticated by the authentication means, the encryption means may encrypt the content before it is sent to the bus.
When the protection information shows that the content is to be protected when transmitted on the bus and the first device has not been authenticated by the authentication means, the output control means may prohibit the content from being output to the bus.
The second reading method of the present invention comprises: a reading step of reading content and protection information from a recording medium, the protection information indicating whether the content is to be protected when transmitted on a bus; and an output control step of controlling, according to the protection information read in the reading step, output of the content to a first equipment via the bus.
The program of the third recording medium of the present invention comprises: a reading step of reading content and protection information from a recording medium, the protection information indicating whether the content is to be protected when transmitted on a bus; and an output control step of controlling, according to the protection information read in the reading step, output of the content to a first equipment via the bus.
The third program of the present invention comprises: a reading step of reading content and protection information from a recording medium, the protection information indicating whether the content is to be protected when transmitted on a bus; and an output control step of controlling, according to the protection information read in the reading step, output of the content to a first equipment via the bus.
In the first invention, the input equipment judges whether the input content is to be protected, and, according to the judgment result, the recording unit records on the recording medium, together with the content, protection information indicating whether the content is to be protected when transmitted on the bus.
The input equipment may be a separate piece of equipment, or may be a module that performs input processing in an input recording unit.
The recording unit may be a separate piece of equipment, or may be a module that performs recording processing in a record/readout equipment.
In the second invention, mutual verification is performed with a first equipment connected via a bus. Encrypted content supplied from the first equipment via the bus is then decrypted, and protection information indicating that the content is to be protected when transmitted on the bus is recorded on the recording medium together with the decrypted content.
In the third invention, mutual verification is performed with a recording unit connected via a bus. The content is then encrypted according to whether the input content is to be protected when transmitted on the bus, and the encrypted content is supplied to the recording unit via the bus.
In the fourth invention, a readout equipment reads content and protection information from a recording medium, the protection information indicating whether the content is to be protected when transmitted on a bus. Transmission of the content to an output device on the bus is controlled according to the protection information read. The output device then outputs the content supplied by the readout equipment to an external source. The readout equipment may be a separate piece of equipment, or may be a module that performs readout processing in a record/readout equipment.
The output device may be a separate piece of equipment, or may be a module that performs output processing in a readout/output device.
In the fifth invention, content and protection information (the protection information indicating whether the content is to be protected when transmitted on a bus) are read from a recording medium, and output of the content to another equipment via the bus is controlled.
According to one aspect of the present invention, there is provided a recording system in which an input equipment and a recording unit are interconnected by a bus, wherein the input equipment comprises a judgment device for judging whether input content needs to be protected, and the recording unit comprises a recording device for recording on a recording medium, together with the content, protection information in each user control data, the protection information indicating, according to the judgment result obtained by the judgment device, whether the content needs to be protected when transmitted on the bus, and wherein the user control data is recorded for each 2048-byte frame.
According to one aspect of the present invention, there is provided a recording method for a recording system in which an input equipment and a recording unit are connected to each other by a bus, wherein: the input equipment judges whether input content needs to be protected; and the recording unit records on a recording medium, together with the content, protection information in each user control data, the protection information indicating, based on the judgment result, whether the content needs to be protected when transmitted on the bus, and wherein the user control data is recorded for each 2048-byte frame.
According to one aspect of the present invention, there is provided a recording unit for recording information on a recording medium, comprising: a verification device for performing mutual verification with a first equipment connected to the recording unit via a bus; a decryption device for decrypting content that is supplied from the first equipment via the bus and encrypted by a first encryption method; and a recording device for recording on the recording medium, together with the content decrypted by the decryption device, protection information in each user control data, the protection information indicating whether the content is to be protected when transmitted on the bus, wherein the user control data is recorded for each 2048-byte frame.
According to one aspect of the present invention, there is provided a recording method for a recording unit that records information on a recording medium, comprising: a verification step of performing mutual verification with a first equipment connected to the recording unit via a bus; a decryption step of decrypting encrypted content supplied from the first equipment via the bus; and a recording step of recording on the recording medium, together with the content decrypted in the decryption step, protection information in each user control data, the protection information indicating whether the content needs to be protected when transmitted on the bus, wherein the user control data is recorded for each 2048-byte frame.
According to one aspect of the present invention, there is provided an input equipment to which content is input, comprising: a verification device for performing mutual verification with a recording unit connected to the input equipment via a bus; a first encryption device for encrypting the content by a first encryption method according to protection information in each user control data, the protection information indicating whether the input content is to be protected when transmitted on the bus; and a supply device for supplying the content encrypted by the first encryption device to the recording unit via the bus, wherein the user control data is recorded for each 2048-byte frame.
According to one aspect of the present invention, there is provided an input method for an input equipment to which content is input, comprising: a verification step of performing mutual verification with a recording unit connected to the input equipment via a bus; an encryption step of encrypting the content according to protection information in each user control data, the protection information indicating whether the input content is to be protected when transmitted on the bus; and a supply step of supplying the content encrypted in the encryption step to the recording unit via the bus, wherein the user control data is recorded for each 2048-byte frame.
According to one aspect of the present invention, there is provided a read-out system in which a readout equipment and an output device are connected to each other by a bus, wherein the readout equipment comprises: a readout device for reading, from a recording medium, content and protection information in each user control data, the protection information indicating whether the content is to be protected when transmitted on the bus, the user control data being recorded for each 2048-byte frame; and a transmission control unit for controlling, according to the protection information read by the readout device, transmission of the content over the bus to the output device; and wherein the output device comprises an output unit for outputting the content transmitted by the transmission control unit to an external source.
According to one aspect of the present invention, there is provided a reading method for a read-out system in which a readout equipment and an output device are connected to each other by a bus, wherein: the readout equipment reads, from a recording medium, content and protection information in each user control data, the protection information indicating whether the content is to be protected when transmitted on the bus, and controls, according to the protection information read, transmission of the content over the bus to the output device, the user control data being recorded for each 2048-byte frame; and the output device outputs the content transmitted by the readout equipment to an external source.
According to one aspect of the present invention, there is provided a readout equipment for reading content from a recording medium and supplying the content to a first equipment via a bus, comprising: a readout device for reading, from the recording medium, content and protection information in each user control data, the protection information indicating whether the content is to be protected when transmitted on the bus, the user control data being recorded for each 2048-byte frame; and an output control device for controlling, according to the protection information read by the readout device, output of the content to the first equipment via the bus.
According to one aspect of the present invention, there is provided a reading method for a readout equipment that reads content from a recording medium and supplies the content to a first equipment via a bus, the reading method comprising: a reading step of reading, from the recording medium, content and protection information in each user control data, the protection information indicating whether the content is to be protected when transmitted on the bus, the user control data being recorded for each 2048-byte frame; and an output control step of controlling, according to the protection information read in the reading step, output of the content to the first equipment via the bus.
Description of drawings
Fig. 1 is a block diagram illustrating an example of the configuration of a known record/readout equipment;
Fig. 2 is a block diagram illustrating another example of the configuration of a known record/readout equipment;
Fig. 3 is a block diagram illustrating another example of the configuration of a known record/readout equipment;
Fig. 4 is a block diagram illustrating an example of the configuration of a record/readout equipment to which the present invention is applied;
Fig. 5 illustrates an example of the structure of the data format used in the present invention;
Fig. 6 illustrates an example of the structure of the data frame shown in Fig. 5;
Fig. 7 illustrates an example of the structure of the scrambled data frame shown in Fig. 5;
Fig. 8 illustrates an example of the structure of the user control data shown in Fig. 5;
Fig. 9 is a block diagram illustrating an example of the structure of the content protecting device 132 shown in Fig. 4;
Fig. 10 illustrates the tree structure of the disc key used in the present invention;
Fig. 11A illustrates an example of the RKB used for the disc key of the present invention;
Fig. 11B illustrates an example of the RKB used for the disc key of the present invention;
Fig. 12 illustrates an example of the application of the RKB shown in Fig. 11A and Fig. 11B;
Fig. 13 is a flowchart illustrating the mutual authentication processing performed by the AV plate shown in Fig. 4;
Fig. 14 is a flowchart illustrating the mutual authentication processing performed by the driver shown in Fig. 4;
Fig. 15 is a flowchart illustrating the record request processing performed by the AV plate shown in Fig. 4;
Fig. 16 is a flowchart illustrating the block key generation processing in step S103 of Fig. 15;
Fig. 17 is a flowchart illustrating the disc information readout processing performed by the driver shown in Fig. 4;
Fig. 18 is a flowchart illustrating the recording processing performed by the driver shown in Fig. 4;
Fig. 19 is a flowchart illustrating the readout processing performed by the driver shown in Fig. 4;
Fig. 20 is a flowchart illustrating the readout processing performed by the AV plate shown in Fig. 4;
Fig. 21 is a block diagram illustrating another example of the configuration of the record/readout equipment shown in Fig. 4;
Fig. 22 is a flowchart illustrating the recording processing performed by the driver shown in Fig. 21;
Fig. 23 is a flowchart illustrating the readout processing performed by the driver shown in Fig. 21;
Fig. 24 is a block diagram illustrating another example of the configuration of the record/readout equipment of the present invention;
Fig. 25 is a block diagram illustrating an example of the configuration of the content protecting device 411 shown in Fig. 24;
Fig. 26 is a flowchart illustrating the block key generation processing performed by the driver shown in Fig. 24;
Fig. 27 is a flowchart illustrating the record request processing performed by the AV plate shown in Fig. 24;
Fig. 28 is a flowchart illustrating the recording processing performed by the driver shown in Fig. 24;
Fig. 29 is a flowchart illustrating the readout processing performed by the driver shown in Fig. 24;
Fig. 30 is a flowchart illustrating the readout processing performed by the AV plate shown in Fig. 24;
Fig. 31 is a block diagram illustrating another example of the configuration of the record/readout equipment shown in Fig. 24;
Fig. 32 is a flowchart illustrating the recording processing performed by the driver shown in Fig. 31;
Fig. 33 is a flowchart illustrating the readout processing performed by the driver shown in Fig. 31;
Fig. 34 is a block diagram illustrating another example of the configuration of the record/readout equipment of the present invention.
Embodiment
Embodiments of the present invention are described below with reference to the accompanying drawings.
Fig. 4 illustrates an example of the configuration of a record/readout equipment 101 to which the present invention is applied. A driver 111, an AV plate 112 and an HDD (hard disk drive) are connected to a bus 113. A typical example of the bus is a home LAN (local area network). Note that the driver 111, the AV plate 112 and the HDD are sold separately, and are then connected to the bus 113 by the user.
In this example, the driver 111 and the AV plate 112 are each provided with a private key and a public key. The public key and the private key are registered, for example, when the driver 111 and the AV plate 112 are shipped by the manufacturer. The public key is stored in a digital signature issued by a certificate authority (not shown). A public-key cryptosystem such as RSA is used to transmit content between the driver 111 and the AV plate 112. A private key and its corresponding public key are related such that ciphertext produced with one of the keys can be decrypted with the other.
The driver 111 comprises: a mutual authentication unit 121 for performing mutual verification with other equipment (the AV plate 112 in the example shown in Fig. 4); an input/output control unit 122 for controlling the parts of the driver 111; and a record/read-out processor 123 for recording content on, or reading content from, the CD 141 loaded in the driver 111.
The AV plate 112 comprises: a mutual authentication unit 131 for performing mutual verification with other equipment (the driver 111 in the example shown in Fig. 4); a content protecting device 132 for encrypting content to be stored on the CD 141; and an AV content handler 133 for receiving content via an input block 134 such as an antenna, or for decoding content and outputting it to an output unit 135.
The mutual authentication unit 121 of the driver 111 performs mutual verification with the mutual authentication unit 131 of the AV plate 112. More specifically, when the driver 111 and the AV plate 112 are connected and both are powered on, the mutual authentication unit 131 of the AV plate 112 generates a common key based on a random number produced by a built-in random number generator (not shown), encrypts the generated common key with the public key of the driver 111, and produces a signature for the encrypted common key with the private key of the AV plate 112. The mutual authentication unit 131 reads an AV plate digital certificate that was obtained from the certificate authority and is kept in internal memory, and sends the encrypted common key, the signature added to the common key by the AV plate 112, and the AV plate digital certificate to the driver 111 via the bus 113.
On receiving these elements, the mutual authentication unit 121 of the driver 111 decrypts the encrypted common key with the private key of the driver 111 to obtain the common key (first common key), and decrypts the AV plate digital certificate with the certificate authority's public key, obtained from the certificate authority, to verify that the AV plate 112 is an authorized AV plate. The mutual authentication unit 121 also decrypts the signature added to the common key, using the public key of the AV plate 112 obtained from the decrypted AV plate digital certificate, to obtain the common key (second common key). The mutual authentication unit 121 of the driver 111 compares the first common key with the second common key and, when they are found to be equal, determines that the common key has not been altered on the bus. The common key can thus be shared by the driver 111 and the AV plate 112.
As described above, the mutual authentication unit 121 of the driver 111 performs mutual verification with the mutual authentication unit 131 of the AV plate 112 to authenticate the AV plate 112. The mutual authentication units 121 and 131 can then encrypt content with this common key and send it, and decrypt the content they receive.
On the other hand, the HDD 114 has no mutual authentication function such as the mutual authentication unit 131 of the AV plate 112. The HDD 114 can therefore send and receive free content (content that does not need to be protected), which can be passed over the bus 113 to and from the driver 111 without any problem.
When a broadcast signal (corresponding to encrypted or scrambled content) is received via the input block 134, the AV content handler 133 of the AV plate 112 decodes the encrypted or scrambled content with a key stored in advance (a key shared with the equipment that receives the broadcast signal), and supplies the content to the content protecting device 132.
The AV content handler 133 judges whether the input content is to be protected according to whether the input content is encrypted or scrambled. If CCI (copy control information), for example a CGMS (Copy Generation Management System) signal, has been added to the content to restrict copying, indicating "Copy Free" (copying allowed), "Copy Once" (only one generation of copying allowed), "No More Copy" (no further copying beyond this generation) or "Copy Prohibited" (copying not allowed), the judgment can be made as follows. When the copy generation management information indicates "Copy Free", the input content is judged not to need protection; when it indicates "Copy Once", "No More Copy" or "Copy Prohibited", the input content is judged to need protection.
If the AV content handler 133 finds that the content input from it should be protected, the content protecting device 132 obtains the disc key using the RKB of the CD 141 supplied from the mutual authentication unit 131, and generates a block key based on this disc key and the disc ID of the CD. The content protecting device 132 encrypts the content that is to be protected on the CD 141, and supplies the encrypted content to the mutual authentication unit 131.
Using the common key shared with the driver 111, the mutual authentication unit 131 encrypts the content already encrypted by the content protecting device 132, so as to protect the content on the bus 113, and outputs the encrypted content to the driver 111 via the bus 113.
If the AV content handler 133 finds that the content does not need to be protected, the content protecting device 132 and the mutual authentication unit 131 output the content to the driver 111 via the bus 113 without encrypting it.
The mutual authentication unit 121 of the driver 111 receives the content from the AV plate 112 via the bus 113. If the received content is encrypted, the mutual authentication unit 121 decrypts it with the common key shared with the driver 111, and supplies the decrypted content to the record/read-out processor 123.
The input/output control unit 122 judges whether the content input to the mutual authentication unit 121 is to be protected on the bus 113 according to whether the content has been encrypted by the mutual authentication unit 131 of the AV plate 112 with the common key shared with the AV plate 112 (that is, according to whether the AV content handler 133 judged that the content should be protected). Then, according to whether the input content is to be protected on the bus 113 and whether the mutual authentication unit 121 has performed mutual authentication (verification) with the AV plate 112, the input/output control unit 122 controls the recording of the content by the record/read-out processor 123.
According to whether the input content is to be protected and whether the mutual authentication unit 121 has performed mutual authentication (verification) with the AV plate 112, the input/output control unit 122 also controls the record/read-out processor 123 in reading the disc information recorded on the CD 141, such as the disc ID and the RKB (Renewal Key Block).
When recording content on the CD 141, the record/read-out processor 123, following instructions from the input/output control unit 122, generates protection information (indicating whether the content to be recorded should be protected on the bus 113) and records the protection information on the CD 141 together with the content.
Fig. 5 illustrates an example of the structure of the data format recorded on the CD 141. In this data format, 32 frames of user data 201 (2K (2048) bytes per frame) and 32 frames of user control data 202 (18 bytes per frame) constitute 32 sectors.
The user data 201 is formed of content data. A four-byte EDC (error detection code) is added to each frame of the user data 201, forming the data frame 203 shown in Fig. 6.
In the example shown in Fig. 6, one data frame has 2052 bytes. More specifically, one data frame consists of 2048 bytes of user data (numbered Ud0 to Ud2047) and four bytes of EDC (numbered ed2048 to ed2051).
Based on a 16 × 9-byte physical address 204, the data frames 203 form the scrambled data frame 205 shown in Fig. 7. The scrambled data frame 205 consists of 32 data frames 203. In the example of Fig. 7, the first frame (the leftmost column in Fig. 7) has 2052 bytes, numbered d(0,0), d(1,0), ..., d(2051,0). The second frame (the second column from the left in Fig. 7) has 2052 bytes, numbered d(0,1), d(1,1), ..., d(2051,1). Similarly, the (F-1)-th frame has 2052 bytes, numbered d(0,F), d(1,F), ..., d(2051,F), and the 32nd frame (the rightmost column in Fig. 7) has 2052 bytes, numbered d(0,31), d(1,31), ..., d(2051,31).
From the scrambled data frame 205, a data block 206 of 216 rows × 304 columns is formed. By adding 32 rows of parity to the data block 206, an LDC (long distance code: error correction) block 207 is formed. From the LDC block 207, an LDC cluster 208 of 496 rows × 152 columns is formed. The LDC cluster 208 is divided into four LDC blocks 209-1 to 209-4 of 38 columns each, which together with BIS blocks 213-1 to 213-3 form an ECC cluster 221, as described below.
The address and control data added by this record/readout equipment 101 are as follows. The user control data (logical address and control data) 202 is arranged as 32 × 18 bytes, as shown in Fig. 8.
In the example shown in Fig. 8, the first frame (the leftmost column in Fig. 8) has 18 bytes, numbered UC(0,0), UC(1,0), ..., UC(17,0). The second frame (the second column from the left in Fig. 8) has 18 bytes, numbered UC(0,1), UC(1,1), ..., UC(17,1). Similarly, the (S-1)-th frame has 18 bytes, numbered UC(0,S), UC(1,S), ..., UC(17,S). The 32nd frame (the rightmost frame in Fig. 8) has 2052 bytes, numbered UC(0,31), UC(1,31), ..., UC(17,31).
As described above, in this data format 18 bytes of user control data 202 correspond to 2K (2048) bytes of user data in each frame. Accordingly, for the data (content) to be recorded in the user data 201 (2K bytes), protection information is generated indicating whether the data (content) should be protected on the bus 113. This protection information is stored in the lowest bit of the first byte UC(0,S) of the user control data 202 (18 bytes) corresponding to the user data 201.
For example, if the content to be recorded is content that should be protected on the bus 113, "0" is generated and recorded as the protection information in the lowest bit of the first byte UC(0,S) of the user control data 202 (18 bytes). If the content to be recorded is content that need not be protected on the bus 113, "1" is generated and recorded as the protection information in the lowest bit of the first byte UC(0,S) of the user control data 202 (18 bytes). In a known data format, "0" is stored in the lowest bit of the first byte UC(0,S) of the user control data 202 (18 bytes) (that is, the lowest bit is not used). Content recorded in the known data format therefore also carries the information for content to be protected on the bus 113, so the data format used in this embodiment is compatible with the known data format.
The protection information for content that should be protected could instead be set to "1", and the protection information for content that need not be protected to "0". In that case, however, all content recorded in the known format would be treated as content that need not be protected on the bus, and so could not be protected. Therefore, the protection information for content that should be protected is preferably set to "0", and the protection information for content that need not be protected is preferably set to "1".
The physical address 204 is arranged as 16 × 9 bytes. The physical address 204 indicates the physical distance on the disc 141.
From the 32 × 18 bytes of user control data, an access block 210 of 24 columns × 30 rows is formed based on the physical address 204. 32 rows of parity are added to the access block 210 to form a BIS (burst indicator subcode) block 211. The BIS block is formed into a BIS cluster 212 of 3 columns × 496 rows.
The BIS cluster 212 is inserted, as three BIS blocks 213-1 to 213-3, between the LDC blocks 209-1 to 209-4, forming an ECC cluster 221 of 155 columns × 496 rows. From this ECC cluster 221, a physical cluster 222 is formed, consisting of 42 groups each having 45 channel bits of data (data) and one channel bit of control data (dc contr.), and is recorded on the CD 141.
The physical cluster 222 is grouped into 496 recording frames, each having 1932 channel bits (1288 data bits). In the physical cluster 222, the first 20 channel bits of data are set as a synchronization bit group (frame sync).
As mentioned above, when the content that will write down was the content that should be protected on bus 113, record/read-out processor 123 produced (storage) " 0 " as protection information; When the content that will write down was the content that need not be protected on bus 113, record/read-out processor 123 produced (storage) " 1 " as protection information.The protection information that produces is recorded in user's control data 202.
To error-correct content read from the CD 141 recorded in this data format, BIS error correction is usually performed first, and its result is used as erasure information for the LDC error correction. Because BIS error correction is therefore completed before the user data is output after LDC error correction, the user control data contained in the BIS has already been obtained at that point. The user control data can thus be used to control output of the user data.
When the record/read-out processor 123 reads content recorded on the CD 141, the protection information recorded on the CD 141 is read before the content. Based on the protection information read, the input/output control unit 122 controls output of the content to the bus 113.
For example, according to whether the mutual authentication unit 121 has performed mutual verification with the AV plate 112 and whether the content read is content to be protected on the bus 113 (whether the protection information is "0"), the input/output control unit 122 controls output of the content to the bus 113 by means of the mutual authentication unit 121. Under the control of the input/output control unit 122, the mutual authentication unit 121 encrypts the content read with the common key shared with the driver 111, and outputs the content to the AV plate 112 via the bus 113.
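The protection bit in UC(0,S) and the read-side output control described above can be written out as follows; this is an added example, not code from the patent. The frame-major buffer layout, all function and enum names, the per-frame decision and the fail-closed handling of bad arguments are assumptions of the example.

```c
/* Added example: protection bit in user control data (UCD) and the
 * decision about what may leave the driver over the bus. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define UCD_FRAMES       32u   /* UCD frames per 32-sector unit (page) */
#define UCD_FRAME_BYTES  18u   /* bytes per UCD frame (page) */
#define UCD_BYTES        (UCD_FRAMES * UCD_FRAME_BYTES)
#define UCD_PROTECT_MASK 0x01u /* lowest bit of first byte UC(0,S) */

/* Copy control states named on the page; enum values are hypothetical. */
typedef enum { CCI_COPY_FREE, CCI_COPY_ONCE, CCI_NO_MORE_COPY,
               CCI_COPY_PROHIBITED } cci_t;

typedef enum { OUT_PLAIN, OUT_ENCRYPTED, OUT_PROHIBITED } bus_output_t;

/* Only "Copy Free" content is exempt from protection. */
int cci_needs_protection(cci_t cci)
{
    return cci != CCI_COPY_FREE;
}

/* Record side: store the protection bit for frame S and leave the other
 * seven bits of UC(0,S) untouched. Bit 0 = protect on the bus, 1 = free.
 * Assumed layout: frame S starts at byte offset S * 18. */
int ucd_set_protection(uint8_t *ucd, unsigned frame, int protect)
{
    if (ucd == NULL || frame >= UCD_FRAMES)
        return -1;
    uint8_t *first = &ucd[frame * UCD_FRAME_BYTES];
    if (protect)
        *first = (uint8_t)(*first & ~UCD_PROTECT_MASK);
    else
        *first = (uint8_t)(*first | UCD_PROTECT_MASK);
    return 0;
}

/* Read side: 1 when frame S must be protected on the bus. Bad arguments
 * are treated as protected (fail closed; an assumption of this example). */
int ucd_needs_protection(const uint8_t *ucd, unsigned frame)
{
    if (ucd == NULL || frame >= UCD_FRAMES)
        return 1;
    return (ucd[frame * UCD_FRAME_BYTES] & UCD_PROTECT_MASK) == 0;
}

/* Output control: free content goes out as is, protected content is
 * encrypted for an authenticated peer and withheld from any other. */
bus_output_t decide_bus_output(int needs_protection, int peer_authenticated)
{
    if (!needs_protection)
        return OUT_PLAIN;
    return peer_authenticated ? OUT_ENCRYPTED : OUT_PROHIBITED;
}

/* Fills plan[] for all 32 frames; returns how many may leave the driver. */
unsigned plan_cluster_output(const uint8_t *ucd, int peer_authenticated,
                             bus_output_t plan[UCD_FRAMES])
{
    unsigned allowed = 0;
    for (unsigned s = 0; s < UCD_FRAMES; s++) {
        plan[s] = decide_bus_output(ucd_needs_protection(ucd, s),
                                    peer_authenticated);
        if (plan[s] != OUT_PROHIBITED)
            allowed++;
    }
    return allowed;
}

/* Constructed sample: frames 0-3 are copy-free, the rest protected.
 * A legacy disc never wrote the bit, so every frame reads as protected. */
unsigned demo_allowed(int peer_authenticated, int legacy_disc)
{
    uint8_t ucd[UCD_BYTES];
    bus_output_t plan[UCD_FRAMES];
    memset(ucd, 0, sizeof ucd);
    if (!legacy_disc) {
        for (unsigned s = 0; s < 4; s++)
            ucd_set_protection(ucd, s, cci_needs_protection(CCI_COPY_FREE));
        ucd_set_protection(ucd, 4, cci_needs_protection(CCI_COPY_ONCE));
    }
    return plan_cluster_output(ucd, peer_authenticated, plan);
}

/* Setting the bit must not disturb the rest of UC(0,S). */
int demo_other_bits_preserved(void)
{
    uint8_t ucd[UCD_BYTES] = {0};
    ucd[1 * UCD_FRAME_BYTES] = 0xA5;      /* constructed value, bit 0 set */
    ucd_set_protection(ucd, 1, 1);
    return ucd[1 * UCD_FRAME_BYTES] == 0xA4 && ucd_needs_protection(ucd, 1);
}

int main(void)
{
    printf("authenticated peer, mixed disc:    %u of 32\n", demo_allowed(1, 0));
    printf("unauthenticated peer, mixed disc:  %u of 32\n", demo_allowed(0, 0));
    printf("unauthenticated peer, legacy disc: %u of 32\n", demo_allowed(0, 1));
    return 0;
}
```

The legacy-disc case shows why the page prefers "0" for protected content: a disc that never wrote the bit releases nothing to an unauthenticated device.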
After receiving the content of encryption from mutual authentication unit 121,112 pairs of described contents decryptions of the mutual authentication unit of AV plate 112, and provide it to content protecting device 132.
Utilization is from the dish ID of CD 141 and the piece key of dish key generation; 132 pairs of content protecting devices have utilized the content of the public keys deciphering of sharing with AV plate 112 further to decipher by mutual authentication unit 131, and the content after will deciphering offers AV content handler 133.AV content handler 133 is for example according to the content decoding of MPEG (Motion Picture Experts Group) after to deciphering, and playing back content.The content of output unit 135 output playback.
As mentioned above, because AV plate 112 verifies mutually with driver 111, can between AV plate 112 and driver 111, send and receive the content that copyright will protect or not need protected content.
For example, even should protected content have been sent to driver 111 from HDD114, driver 111 is not verified HDD114 mutually yet.If it is protected that content does not need, then in driver 111, handle it.Just, in this record/readout equipment 101, can only write down do not need mutually checking freely copy (copy free) data.
As mentioned above, in this record/readout equipment 101, whether should be protected by copyright according to content, the encryption of control content or content are to the output of versabus neatly.
Fig. 9 illustrates an example of the configuration of content handler 132.In Fig. 9, for convenience, only illustrate content protecting device 132 and CD 141.And in fact, as shown in Figure 4, be that mutual authentication unit 131, bus 113, mutual authentication unit 121 and record/read-out processor 123 are carried out corresponding the processing between content protecting device 132 and CD 141.
In the example of Fig. 9, content protecting device 132 is formed by RKB processor 252, key generator 253 and ciphering unit 254.
Depending on whether the content received from the AV content handler 133 is content that should be protected, the RKB processor 252 obtains the disc key using the RKB supplied from the CD 141 and the device ID and device keys stored in the content protecting device 132 (the disc key acquisition processing is disclosed in Japanese Laid-Open Patent Application No. 2002-84271 and is described below with reference to Figs. 10 to 12).
The key generator 253 produces the block key using the disc key obtained by the RKB processor 252, the disc ID supplied from the CD 141, and recording information stored in the content protecting device 132 (for example, information used at recording time, such as the block seed, the title key, or the recording mode).
If the content supplied from the CD 141 is encrypted, the ciphering unit 254 decrypts it with the block key produced by the key generator 253 and outputs the content to the AV content handler 133. If the content supplied from the CD 141 is not encrypted, the ciphering unit 254 outputs it directly to the AV content handler 133.
If, according to the protection information indicating whether the content received from the AV content handler 133 should be protected, the content supplied from the AV content handler 133 is found to be content to be protected, the ciphering unit 254 encrypts it with the block key produced by the key generator 253, so as to protect the content on the CD 141, and outputs it to the CD 141. If the content supplied from the AV content handler 133 need not be protected, the ciphering unit 254 supplies it to the CD 141 directly (without encryption).
A detailed description of the RKB used in the disc key acquisition processing follows. Fig. 10 illustrates the structure by which keys are distributed to the record/readout equipment 101 of the present invention. The numbers 0 to 15 in the bottom row of Fig. 10 correspond to individual record/readout devices.
That is, the leaf nodes of the tree structure shown in Fig. 10 correspond to record/readout devices. In the initial tree set at manufacture (at shipment), each of devices 0 to 15 stores the keys (node keys) assigned to each node on the path from its own leaf node to the root node (top layer), together with the leaf node key of its leaf node. K0000 to K1111 in the bottom layer of Fig. 10 are the leaf node keys assigned to devices 0 to 15 respectively, and the keys from KR at the top layer down to K111 at the second layer from the bottom are node keys.
In the example of Fig. 10, device 0 holds leaf node key K0000 and node keys K000, K00, K0 and KR. Device 5 holds K0101, K010, K01, K0 and KR. Device 15 holds K1111, K111, K11, K1 and KR. The tree in Fig. 10 shows only 16 devices; this tree structure consists of four layers and is symmetrical.
However, more devices can be placed in the tree, and the number of layers may differ in each part of the tree.
The record/readout devices contained in the tree structure of Fig. 10 use various recording media, for example DVD, CD, MO (trademark) and memory stick. It is also assumed that various application services coexist in this tree structure. The key distribution structure shown in Fig. 10 is applied to a system in which such varied devices and applications coexist.
In a system where various devices and applications coexist, the part surrounded by the dotted line in Fig. 10, namely devices 0, 1, 2 and 3, is set as one group that uses the same recording medium. In this tree structure, the four devices 0, 1, 2 and 3 in the same group hold K00, K0 and KR in common as node keys. Because they share the same node keys, a common master key can be provided to devices 0, 1, 2 and 3 only.
For example, if the node key K00 shared by devices 0, 1, 2 and 3 is itself set as the master key, a master key common only to devices 0, 1, 2 and 3 can be set without sending a new key. Alternatively, a value Enc(K00, Kmaster), produced by encrypting a new master key Kmaster with node key K00, can be distributed to devices 0, 1, 2 and 3 over a network or by storing it in a recording medium. Then only devices 0, 1, 2 and 3 can decrypt Enc(K00, Kmaster) with the node key K00 they share and thereby obtain the master key Kmaster. Here Enc(Ka, Kb) denotes Kb encrypted with Ka.
If at a particular time t an attacker (hacker) has deciphered and disclosed the keys K0011, K001, K00, K0 and KR held by device 3, device 3 must be disconnected in order to protect the data that will be sent and received in the system (the group of devices 0, 1, 2 and 3). Accordingly, node keys K001, K00, K0 and KR are changed to the new keys K(t)001, K(t)00, K(t)0 and K(t)R respectively, and these updated keys must be reported to devices 0, 1 and 2. K(t)aaa denotes the updated key of generation t of key Kaaa.
The updated keys are distributed as follows. The keys are updated by supplying a table to devices 0, 1 and 2, over a network or by storing the table in a recording medium. The table consists of block data called an "RKB (renewal key block)", such as that shown in Fig. 11A.
The RKB shown in Fig. 11A is block data with a data structure that lets only the devices concerned update their node keys. Fig. 11A is an example of block data for distributing the updated node keys of generation t to devices 0, 1 and 2 of the tree structure in Fig. 10. As described above, devices 0 and 1 need K(t)00, K(t)0 and K(t)R as updated node keys, and device 2 needs K(t)001, K(t)00, K(t)0 and K(t)R as updated node keys.
The RKB contains a number of encrypted keys, as shown in Fig. 11A. The encrypted key in the bottom row is Enc(K0010, K(t)001), which is the updated node key K(t)001 encrypted with the leaf node key K0010 held by device 2. Device 2 decrypts this encrypted key with its own leaf node key to obtain K(t)001.
Using the decrypted K(t)001, the encrypted key Enc(K(t)001, K(t)00) in the second row from the bottom of Fig. 11A can be decrypted to obtain the updated node key K(t)00. Next, the encrypted key Enc(K(t)00, K(t)0) in the second row from the top of Fig. 11A is decrypted to obtain the updated node key K(t)0, and then the encrypted key Enc(K(t)0, K(t)R) in the top row of Fig. 11A is decrypted to obtain K(t)R.
Node key K000 is not a key that needs updating. The updated node keys that devices 0 and 1 need are K(t)00, K(t)0 and K(t)R. Devices 0 and 1 therefore decrypt the encrypted key Enc(K000, K(t)00) in the third row from the top of Fig. 11A to obtain K(t)00. They then decrypt the encrypted key Enc(K(t)00, K(t)0) in the second row from the top of Fig. 11A to obtain the updated node key K(t)0, and further decrypt the encrypted key Enc(K(t)0, K(t)R) in the top row of Fig. 11A to obtain K(t)R. In this way devices 0, 1 and 2 can obtain the updated key K(t)R. The index in Fig. 11A gives the specific address of the node key or leaf node key used as the decryption key.
If only node key K00 is to be updated, and the node keys K0 and KR in the top two layers of the tree structure of Fig. 10 need not be updated, the updated node key can be distributed to devices 0, 1 and 2 with the RKB shown in Fig. 11B.
For example, the RKB shown in Fig. 11B can be used to distribute a new master key shared within a particular group. Suppose that devices 0, 1, 2 and 3 in the group surrounded by the dotted line in Fig. 10 use a certain recording medium and need a new common master key K(t)master. In this case, the data Enc(K(t)00, K(t)master), produced by encrypting the new common updated master key K(t)master with K(t)00, the update of the node key K00 shared by devices 0, 1, 2 and 3, is distributed together with the RKB shown in Fig. 11B. The data therefore cannot be decrypted by a device in another group, for example device 4.
Devices 0, 1, 2 and 3 can decrypt the above ciphertext with K(t)00, obtained by processing the RKB, to obtain the master key K(t)master of generation t. In the above example, the RKB is used to deliver a master key to each record/readout device, and the record/readout device uses the master key to record and read data. In the present invention, however, a disc key restricted to use with a recording medium is used as that master key. As shown in Fig. 12, this disc key is produced using the RKB (renewal key block) of the recording medium. The disc key K(t)media is a master key restricted to use with the recording medium; its basic configuration is similar to that of the master key, so its explanation is omitted.
In the example of Fig. 12, device 0 uses the RKB of generation t stored in the recording medium, the leaf node key K0000 stored in device 0, and the node keys K000 and K00 to produce the updated node key K(t)00, and with it obtains the updated disc key K(t)media. The obtained K(t)media is used to record data on the recording medium and to read data from it.
The pre-recorded generation number (Generation #n) in Fig. 12 is not essential and may be provided as an option, because the generation concept used for the master key does not exist for the disc key.
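The key-tree update described with Figs. 10 to 12 can be run end to end. The following Python sketch is an added example, not code from the patent: it builds the 16-device tree, revokes device 3, emits an RKB, lets each device process it, and wraps a disc key under K(t)00. It goes beyond Fig. 11A by also emitting the entries for the sibling subtrees (devices 4 to 15); `enc`/`dec` are an HMAC-based stand-in because the page does not name the cipher, and every function name, the key length and the sample disc key are assumptions.

```python
import hashlib
import hmac
import os

DEPTH = 4      # layers below the root: 2**4 = 16 devices, as in Fig. 10
KEYLEN = 16    # key size is an assumption of this sketch


def enc(key, plaintext):
    """Enc(Ka, Kb) stand-in: HMAC-SHA256 keystream XOR plus an integrity tag."""
    assert len(plaintext) <= 32, "one keystream block only"
    nonce = os.urandom(16)
    stream = hmac.new(key, b"stream" + nonce, hashlib.sha256).digest()
    body = bytes(p ^ s for p, s in zip(plaintext, stream))
    tag = hmac.new(key, b"tag" + nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def dec(key, blob):
    """Inverse of enc(); raises ValueError if key is not the wrapping key."""
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    want = hmac.new(key, b"tag" + nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        raise ValueError("wrong key")
    stream = hmac.new(key, b"stream" + nonce, hashlib.sha256).digest()
    return bytes(c ^ s for c, s in zip(body, stream))


def make_tree():
    """'' is KR, '0'..'111' are node keys, '0000'..'1111' are leaf node keys."""
    nodes = [""] + [format(i, f"0{n}b")
                    for n in range(1, DEPTH + 1) for i in range(2 ** n)]
    return {node: os.urandom(KEYLEN) for node in nodes}


def device_keys(tree, dev):
    """Keys a device stores: its leaf key and every node key up to the root."""
    path = format(dev, f"0{DEPTH}b")
    return {path[:n]: tree[path[:n]] for n in range(DEPTH + 1)}


def build_rkb(tree, revoked):
    """Renew every node key the revoked device holds and wrap each new key
    under the keys of the children that are still trusted."""
    path = format(revoked, f"0{DEPTH}b")
    new = {path[:n]: os.urandom(KEYLEN) for n in range(DEPTH)}
    rkb = []
    for n in reversed(range(DEPTH)):          # deepest renewed node first
        target = path[:n]
        for child in (target + "0", target + "1"):
            if child == path:                 # no entry for the revoked leaf
                continue
            wrapping = new.get(child, tree[child])
            rkb.append((child, target, enc(wrapping, new[target])))
    return rkb, new


def process_rkb(held, rkb):
    """Device side: walk the entries bottom-up, using the index to pick the
    decryption key; entries wrapped under a renewed key fail for old keys."""
    keys = dict(held)
    for index, target, blob in rkb:
        if index in keys:
            try:
                keys[target] = dec(keys[index], blob)
            except ValueError:
                pass                          # this device was cut off here
    return keys


def wrap_disc_key(new, disc_key, group="00"):
    """Enc(K(t)00, K(t)media) as stored with the RKB on the medium."""
    return enc(new[group], disc_key)


def unwrap_disc_key(keys, blob, group="00"):
    """Returns the disc key, or None if the device cannot recover it."""
    if group not in keys:
        return None
    try:
        return dec(keys[group], blob)
    except ValueError:
        return None


if __name__ == "__main__":
    tree = make_tree()
    rkb, new = build_rkb(tree, revoked=3)
    blob = wrap_disc_key(new, b"constructed-key!")    # constructed sample
    for dev in range(2 ** DEPTH):
        keys = process_rkb(device_keys(tree, dev), rkb)
        print(dev, keys[""] == new[""], unwrap_disc_key(keys, blob) is not None)
```

Device 3 ends with exactly the keys it started with, and devices outside the group obtain K(t)R but not the disc key, because they never hold a key for node 00.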
As described above, the disc key is obtained from the RKB of the CD 141 and from the device ID (for example, device 0 in Fig. 10), the device key (for example, leaf node key K0000 of device 0 in Fig. 10) and the node keys (for example, K000, K00 and so on of device 0 in Fig. 10) of the content protecting device 132. This disc key acquisition processing may be performed when the CD 141 is loaded into the driver of the record/readout equipment 101 for recording or reading content. Alternatively, it may be performed when an instruction to record or read content is given after the CD 141 has been loaded.
The mutual authentication processing performed by the AV plate 112 of the record/readout equipment 101 is described below with reference to the flowchart of Fig. 13.
When the driver 111 and the AV plate 112 are connected and both are powered on, at step S11 the mutual authentication unit 131 of the AV plate 112 produces public keys (the key that the two sides will share) from a random number from its built-in random number generator. At step S12, the mutual authentication unit 131 encrypts the produced public keys with the public-key cryptography of the driver 111 (the driver's asymmetric public key). At step S13, the mutual authentication unit 131 produces a signature for the public keys, encrypted with the private key of the AV plate 112. At step S14, the mutual authentication unit 131 reads an AV plate digital certificate, which was obtained from a certification authority (not shown) and is stored in internal memory. At step S15, the mutual authentication unit 131 sends the encrypted public keys, the signature added to the public keys by the AV plate 112, and the AV plate digital certificate to the driver 111 over the bus 113.
In this way, the encrypted public keys, the signature of the AV plate 112 on the public keys, and the AV plate digital certificate are sent from the AV plate 112 to the driver 111. The corresponding mutual authentication processing performed by the driver 111 is described below with reference to the flowchart of Fig. 14.
At step S31, the mutual authentication unit 121 of the driver 111 decrypts the received AV plate digital certificate with the public-key cryptography of the certification authority, which it has already obtained or obtains when needed. At step S32, the mutual authentication unit 121 judges from the AV plate digital certificate decrypted at step S31 whether the AV plate 112 is an authorized AV plate. If the AV plate digital certificate cannot be decrypted or has been tampered with, the AV plate 112 is judged at step S32 not to be an authorized AV plate, and processing ends.
If the AV plate 112 is judged at step S32 to be an authorized AV plate, the AV plate digital certificate is decrypted to obtain the public-key cryptography of the AV plate 112. At step S33, the mutual authentication unit 121 decrypts the encrypted public keys with the private key of the driver 111. At step S34, the mutual authentication unit 121 decrypts the signature of the AV plate 112 on the public keys with the public-key cryptography of the AV plate 112.
At step S35, the mutual authentication unit 121 compares the public keys decrypted at step S33 with the plaintext public keys carried by the signature and judges whether the two match, thereby judging whether the public keys are authorized. If the public keys are judged at step S35 to match the public keys carried by the signature, the mutual authentication unit 121 concludes that authorized public keys have been received from the AV plate, and at step S36 stores them. If, on the other hand, the public keys are found at step S35 not to match the public keys carried by the signature, the mutual authentication unit 121 concludes that the public keys were tampered with between the AV plate 112 and the driver 111, and ends processing.
As described above, mutual authentication is performed between the driver 111 and the AV plate 112, and subsequent processing is carried out with the public keys shared between the driver 111 and the AV plate 112. Although not described here, the mutual authentication unit 121 of the driver 111 may also encrypt the public keys obtained from the AV plate 112 with the public-key cryptography of the driver, send the encrypted public keys, a signature added by the driver 111 to the encrypted public keys, and a driver digital certificate to the AV plate 112, and request the AV plate 112 to verify them. The recording request processing performed by the AV plate 112 of the record/readout equipment 101 is described below with reference to the flowchart of Fig. 15.
At step S101, the AV content handler 133 waits for content to be input. When, for example, a broadcast signal (a signal corresponding to content) is received from an antenna through the input block, the AV content handler 133 concludes at step S101 that content has been input. Then, at step S102, the AV content handler judges whether the input content should be protected according to whether it is encrypted or scrambled.
If it is judged at step S102 that the content should be protected, the AV content handler 133 decrypts the encrypted or scrambled content with a key stored in advance (a key shared with the device that receives the broadcast signal). At step S103, the AV content handler 133 controls the content protecting device 132 to produce a block key. The block key generation processing is described below with reference to the flowchart of Fig. 16. The driver information acquisition processing that the driver 111 performs in correspondence with the block key generation processing performed by the AV plate 112 in Fig. 16 is described together with it, with reference to the flowchart of Fig. 17.
At step S121, the RKB processor 252 outputs to the driver 111 a request to read the disc information (for example, the disc ID and RKB) of the CD 141. More specifically, the RKB processor 252 outputs to the mutual authentication unit 131 a request to read the disc ID and RKB of the CD 141. The mutual authentication unit 131 outputs the request to read the disc ID and RKB over the bus 113 to the mutual authentication unit 121 of the driver 111.
At step S141, the mutual authentication unit 121 of the driver 111 receives, over the bus 113 from the AV plate 112, the request to read the disc ID and RKB of the CD 141.
At step S142, the input/output control unit 122 judges, from information from the mutual authentication unit 121, whether the AV plate 112 that sent the request to read the disc ID and RKB has passed mutual authentication by the driver 111. If it is judged at step S142 that the AV plate 112 has not passed mutual authentication by the driver 111, the disc information read processing of the driver 111 is terminated. A request from an unauthorized device can thus be rejected.
As described above, the AV plate 112 has passed mutual authentication by the driver 111, so it is judged at step S142 that the AV plate 112 has passed mutual authentication by the driver 111. In this case, at step S143, the record/read-out processor 123 reads the disc ID and RKB recorded on the CD 141 and supplies them to the mutual authentication unit.
At step S144, the mutual authentication unit 121 encrypts the disc ID and RKB supplied by the record/read-out processor 123 with the public keys shared with the AV plate 112, and outputs the encrypted disc ID and RKB to the AV plate over the bus 113.
At step S122, on receiving the encrypted disc ID and RKB over the bus 113, the mutual authentication unit 131 of the AV plate 112 decrypts them with the public keys shared with the driver 111 and supplies them to the RKB processor 251.
At step S123, the RKB processor 251 obtains the disc key using the supplied RKB and the device ID and device key stored in internal memory. More specifically, for the pre-recorded generation information (generation number, Generation #n) (for example, time t in Fig. 12), the RKB processor 251 uses the supplied RKB, the device ID (for example, device 0 in Fig. 10) and device key (for example, leaf node key K0000 of device 0 in Fig. 10) stored in internal memory, and the node keys (for example, K000, K00, K0 and KR of device 0 in Fig. 10) to compute the key K(t)00 of node 00. The RKB processor 251 then takes from the supplied RKB the ciphertext Enc(K(t)00, K(t)media), produced by encrypting the disc key K(t)media with key K(t)00, and decrypts this ciphertext to obtain the disc key K(t)media.
At step S124, the key generator 253 generates a block key using the disc ID from the mutual authentication unit 131, the disc key obtained at step S123, and the recording information of the content protecting device 132, and stores this block key in the internal memory of the ciphering unit 254.
The block key is produced as described above. At step S104 of Fig. 15, the ciphering unit 254 encrypts the content supplied by the AV content handler 133 with the block key produced at step S124, and outputs the encrypted content to the mutual authentication unit 131.
At step S105, the mutual authentication unit 131 further encrypts the content that was encrypted with the block key at step S104, using the public keys shared with the driver 111. Then, at step S106, the mutual authentication unit 131 outputs the encrypted content to the driver 111 over the bus 113.
If it is judged at step S102 that the content received from the AV content handler 133 need not be protected, the content need not be encrypted in the ciphering unit 254 (for protection on the CD 141), nor in the mutual authentication unit 131 (for protection on the bus 113). Steps S103 to S105 are therefore skipped. That is, the ciphering unit 254 does not encrypt the content and outputs it to the mutual authentication unit 131 as raw data. At step S106, the mutual authentication unit 131 outputs the unencrypted content to the driver 111 over the bus 113.
As described above, in the AV plate 112, content to be protected is encrypted with the block key obtained from the RKB and disc ID. The content to be protected is also temporarily encrypted with the public keys shared with the driver 111 and then output to the bus 113. Content that need not be protected, by contrast, is output to the bus 113 as raw data. The corresponding recording processing performed by the driver 111 is described below with reference to the flowchart of Fig. 18.
At step S161, the mutual authentication unit 121 of the driver 111 receives content from the AV plate 112 over the bus 113.
At step S162, the input/output control unit 122 judges, from information from the mutual authentication unit 121, whether the device that sent the content has passed mutual authentication by the driver 111.
If it is judged at step S162 that the AV plate 112 has passed mutual authentication by the driver 111, the process advances to step S163. At step S163, the input/output control unit 122 judges whether the record command for the input content is for content to be protected, according to whether the content input to the mutual authentication unit 121 is encrypted with the public keys.
If it is judged at step S163 that the record command for the content is for content that should be protected on the bus 113, then at step S164 the input/output control unit 122 controls the mutual authentication unit 121 to decrypt the received content with the public keys shared with the AV plate 112. At this stage, therefore, the content is encrypted only with the block key obtained from the disc ID and RKB.
At step S165, the input/output control unit 122 controls the record/read-out processor 123 to produce protection information "0", indicating that the content should be protected on the bus 113, and to store the protection information in the user control data UC(0, S) corresponding to the content. Then, at step S168, the input/output control unit 122 records the protection information on the CD 141 together with the content encrypted with the block key.
On the other hand, consider, for example, the output of content stored in the HDD114, which has no mutual authentication unit. In this case, at step S161 the mutual authentication unit 121 receives the content from the HDD114 over the bus 113. Because the HDD114 has no mutual authentication unit, it is judged at step S162 that the device that sent the content has not passed mutual authentication by the driver 111, and the process advances to step S166. At step S166, the input/output control unit 122 judges whether the record command for the input content is for content that should be protected on the bus 113, according to whether the content input to the mutual authentication unit 121 is encrypted with the public keys.
If it is judged at step S163 or S166 that the record command for the input content is for content that need not be protected on the bus 113, the process advances to step S167. At step S167, the input/output control unit 122 controls the record/read-out processor 123 to produce (store) protection information "1", indicating that the content need not be protected on the bus 113, in the user control data UC(0, S) corresponding to the content. Then, at step S168, the input/output control unit 122 records the produced protection information on the CD 141 together with the unencrypted content.
If it is judged at step S166 that the record command for the input content is for content that should be protected on the bus 113, an error occurs and the recording processing of the driver 111 is forcibly terminated. The driver 111 therefore does not record content from the unauthorized HDD114 as content that should be protected.
As described above, content to be protected that is supplied from the authenticated AV plate 112 is recorded on the CD 141 with protection information "0", which indicates that the content should be protected on the bus 113. In this case the content to be protected is encrypted with the block key obtained from the disc ID and RKB. By contrast, content that need not be protected, whether from the authenticated AV plate 112 or from the unauthenticated HDD114, is stored on the CD 141 with protection information "1", which indicates that the content need not be protected on the bus 113. In this case the content that need not be protected is not encrypted.
The protection information stored as described above is read, and then used, in the content read processing of the driver 111 described below. The content read processing of the driver 111 is described with reference to the flowchart of Fig. 19.
To output, from the output unit 135 of the AV plate 112, content recorded on the CD 141 that should be protected, the user operates an input block (not shown) to input a content read command to the AV plate 112. The mutual authentication unit 131 of the AV plate 112 sends this read command to the driver 111 over the bus 113. At step S191, the mutual authentication unit 121 therefore receives the read command from the AV plate 112.
At step S192, the input/output control unit 122 judges, from information from the mutual authentication unit 121, whether the device to which the content is to be output (the AV plate 112 in this example) has passed mutual authentication by the driver 111. If it is judged at step S192 that the AV plate 112 has passed mutual authentication, the input/output control unit 122 judges at step S193 whether the read command from the AV plate 112 is for content to be protected.
If it is judged at step S193 that the read command from the AV plate 112 is for content to be protected, then at step S194 the record/read-out processor 123 reads the specified content from the CD 141. As described with reference to Fig. 5, when content is read, the protection information (user control data) recorded on the CD 141 is read before the content. At step S195, the input/output control unit 122 therefore judges whether the user control data UC(0, S) corresponding to the content is "0". If UC(0, S) for the content is found to be "0", the content should be protected on the bus 113. Then, at step S196, the input/output control unit 122 controls the mutual authentication unit 121 to encrypt the read content with the public keys shared with the AV plate 112 and to output the encrypted content to the AV plate 112 over the bus 113. This prevents unauthorized acquisition (theft) of the data from the bus 113.
If it is judged at step S195 that UC(0, S) for the content is not "0" (that is, UC(0, S) for the content is "1"), the content need not be protected on the bus 113, which is inconsistent with the read command from the AV plate 112 specifying content that should be protected. The read processing of the driver 111 is therefore terminated. That is, the driver 111 is controlled so that it does not output the data to the bus 113.
On the other hand, to store (record) in the HDD114 content recorded on the CD that need not be protected, the user operates an input block (not shown) to input a content read command to the HDD114. The HDD114 sends the read command to the driver 111 over the bus 113. At step S191, the mutual authentication unit 121 therefore receives the read command from the HDD114.
At step S192, the input/output control unit 122 judges, from information from the mutual authentication unit 121, that the device to which the content is to be output (the HDD114 in this example) has not passed mutual authentication. In this case, at step S197, the input/output control unit 122 judges whether the read command from the HDD114 is for content to be protected.
If it is judged at step S193 or S197 that the read command from the device to which the content is to be output is for content that need not be protected, then at step S198 the record/read-out processor 123 reads the specified content from the CD 141. At step S199, the input/output control unit 122 judges whether the user control data UC(0, S) for the content is "1". If UC(0, S) for the content is found to be "1", the content need not be protected on the bus 113, and the process advances to step S200. At step S200, the input/output control unit 122 controls the mutual authentication unit 121 to output the read content directly (as raw data) over the bus 113 to the device (the AV plate 112 or the HDD114 in this example).
If it is judged at step S197 that the command from the HDD114 is a read command for content to be protected, or if it is judged at step S199 that UC(0, S) for the content is not "1" (that is, UC(0, S) for the content is "0"), an error occurs, because content to be protected cannot be output to the unauthenticated HDD114. The output processing of the driver 111 is then forcibly terminated. That is, the driver 111 rejects a read command for content to be protected that comes from the HDD114. Even when the command is a read command for content that need not be protected, the corresponding content is not output if it is found to be content that should be protected on the bus 113. As described above, in response to a read command from the authenticated AV plate 112, content to be protected on the bus 113 is encrypted with the public keys and output to the AV plate 112 over the bus 113. Content that need not be protected on the bus 113 is output directly to the AV plate 112 over the bus 113 (without encryption). Then, at step S201 of Fig. 20, the content is received by the mutual authentication unit 131 of the AV plate 112. This is described below.
In response to a sense command from the unverified HDD 114, content that is to be protected on bus 113 is not output. In contrast, content that need not be protected on bus 113 is output directly to HDD 114 over bus 113 (unencrypted). This allows HDD 114 to store content that does not need to be protected. The storage device can thus be used effectively.
Content that is to be protected is encrypted with the piece key obtained from the dish ID and the RKB, and with the public key that has been verified between the equipment sending and receiving the content (driver 111 and AV plate 112 in this example). Unauthorized copying of the content over general-purpose bus 113 is therefore prevented.
In a known record/readout equipment, "0" is stored in the least significant bit of the first byte UC(0, S) of the user control data 202 (18 bytes) corresponding to content that should be protected and that is recorded on the CD. Therefore, the read processing described above (for verified equipment, the content is encrypted with the public key and output; for unverified equipment, the content is not output) can also be applied to content to be protected that was recorded in the known data format. Unauthorized copying of the content over general-purpose bus 113 can thus be prevented. That is, compatibility with the known record/readout equipment can be maintained.
The read processing of AV plate 112 that corresponds to the above read processing of driver 111 is described below with reference to the flowchart of Figure 20.
Driver 111 receives from AV plate 112 a sense command for content that is to be protected, reads the content from CD 141, and outputs it over bus 113. At step S201, mutual authentication unit 131 of AV plate 112 receives the content. Then, at step S202, mutual authentication unit 131 of AV plate 112 judges whether the received content has been encrypted by mutual authentication unit 121 of driver 111 (that is, whether the content is to be protected). If it is judged at step S202 that the content is encrypted with the public key, that is, that the content should be protected, then at step S203, mutual authentication unit 131 decrypts the received content with the public key shared with driver 111 and outputs the content to content protecting device 132. At this stage, the content is encrypted only with the piece key obtained from the dish ID and the RKB. At step S204, content protecting device 132 performs the piece key generation processing. This processing is similar to that described with reference to Figure 16, so its explanation is omitted.
In brief, at step S204, the dish key is obtained from the RKB of CD 141, and the piece key is produced from the dish key and the dish ID of the CD. Then, at step S205, ciphering unit 254 decrypts the content supplied from mutual authentication unit 131 with this key, and the resulting content is supplied to AV content handler 133.
If it is judged at step S202 that the received content is not encrypted, that is, that the content does not need to be protected, the content does not need to be decrypted. The content therefore simply passes through mutual authentication unit 131 and content protecting device 132, and steps S203 to S205 are skipped.
At step S206, AV content handler 133 decodes the content supplied by content protecting device 132, for example according to the MPEG (Moving Picture Experts Group) method, and plays it back. At step S207, output unit 135 outputs the played-back content.
As described above, both the content to be protected and the content that does not need to be protected, recorded on the CD, can be output on AV plate 112, which has been mutually verified with driver 111.
In the above description, AV plate 112 produces a piece key when recording or reading content, after judging that the received content should be protected. However, the piece key generation processing may instead be performed by content protecting device 132 of AV plate 112 each time CD 141 is loaded.
Figure 21 illustrates another example of the configuration of the record/readout equipment of the present invention. The basic configuration of record/readout equipment 301 shown in Figure 21 is similar to that of record/readout equipment 101 shown in Figure 4. In record/readout equipment 301 shown in Figure 21, however, mutual authentication unit 121 of driver 111 in record/readout equipment 101 shown in Figure 4 is omitted.
Thus, in record/readout equipment 301 shown in Figure 21, even though driver 111 is connected to bus 113, it cannot be verified by AV plate 112 (the public key is not shared), because driver 111 has no mutual authentication function. Therefore, although requests from AV plate 112 to read content are not executed in driver 111, driver 111 can send content that does not need to be protected to HDD 114, which has no mutual authentication function, and receive such content from it.
The recording processing of driver 111 of record/readout equipment 301 is described below with reference to the flowchart of Figure 22. Steps S211 to S214 are similar to step S161 and steps S166 to S168 of Figure 18, so their detailed description is omitted here.
At step S211, record/read-out processor 123 receives content that does not need to be protected from HDD 114 over bus 113. At step S212, input/output control unit 122 judges that the record order is not for content that is to be protected on bus 113, because the content input to record/read-out processor 123 is not encrypted with the public key. At step S213, record/read-out processor 123 generates protection information "1", which indicates that the content need not be protected on bus 113, and stores it in UC(0, S) of the user control data associated with the content. Then, at step S214, record/read-out processor 123 records the content from HDD 114 on CD 141.
If it is judged at step S212 that the input content is encrypted with the public key and that the record order is for content that is to be protected, an error occurs and the recording processing of driver 111 is forcibly terminated.
In this way, content from HDD 114, which has no mutual authentication function, can be recorded on CD 141 together with protection information indicating that the content need not be protected on bus 113.
The read processing of driver 111 of record/readout equipment 301 is described below with reference to Figure 23. Steps S221 to S225 of Figure 23 are similar to step S191 and steps S197 to S200 of Figure 19, so their detailed description is omitted.
For example, to store (record) in HDD 114 content that is recorded on CD 141 and does not need to be protected, the user inputs a content sense command to HDD 114 through the input block. HDD 114 sends this sense command to driver 111 over bus 113. At step S221, the sense command from HDD 114 is received. If the input/output control unit judges at step S222 that the sense command from HDD 114 is for content that does not need to be protected, then at step S223, record/read-out processor 123 reads the specified content from CD 141.
If input/output control unit 122 judges at step S224 that UC(0, S) of the user control data corresponding to this content is "1", the content is found to be content that need not be protected on bus 113. Then, at step S225, record/read-out processor 123 outputs the read content directly (as raw data) to HDD 114 over bus 113.
If it is judged at step S222 that the command from HDD 114 is a sense command for content that is to be protected, or if it is judged at step S224 that UC(0, S) associated with this content is not "1", an error occurs, because content that is to be protected on bus 113 cannot be output to the unverified HDD 114. The recording processing of driver 111 is then forcibly terminated. As described above, when protection information "1" is read out in response to a sense command from HDD 114, the content that was read, which need not be protected on bus 113, is output directly to HDD 114 over bus 113 (unencrypted). Because content that does not need to be protected is not encrypted with the public key, it can be supplied to and stored in HDD 114. The storage capacity of the HDD can thus be used effectively.
Figure 24 illustrates another example of the configuration of record/readout equipment to which the present invention is applied. The basic configuration of record/readout equipment 401 shown in Figure 24 is similar to that of record/readout equipment 101 shown in Figure 4. However, content protecting device 132 of AV plate 112 shown in Figure 4 is omitted from AV plate 112 of Figure 24, and a content protecting device 411 is instead provided in driver 111.
Therefore, in AV plate 112 shown in Figure 24, content from AV content handler 133 is output to mutual authentication unit 131, and content output from mutual authentication unit 131 is supplied to AV content handler 133.
In driver 111 shown in Figure 24, content input to mutual authentication unit 121 is supplied to content protecting device 411. The basic configuration of this content protecting device is similar to that of content protecting device 132 shown in Figure 4. Under the control of input/output control unit 122, content protecting device 411 therefore encrypts the content supplied from mutual authentication unit 121, using either the piece key obtained from the dish ID and the RKB of CD 141 or the piece key obtained only from the RKB (dish key), and outputs the encrypted content to record/read-out processor 123.
Record/read-out processor 123 supplies the content read from CD 141 to content protecting device 411. Under the control of input/output control unit 122, content protecting device 411 decrypts the content, using either the piece key obtained from the dish ID and the RKB of CD 141 or the piece key obtained only from the RKB, and outputs the decrypted content to mutual authentication unit 121.
Figure 25 illustrates the configuration of content protecting device 411 shown in Figure 24. The configuration of content protecting device 411 shown in Figure 24 is substantially similar to the basic configuration of content protecting device 132 shown in Figure 9. Therefore, for example, if input/output control unit 122 judges that the content supplied from AV plate 112 is content to be protected (the record order for the input content is for content to be protected), ciphering unit 254 encrypts the content with the piece key for content to be protected, which is produced from the dish key, the dish ID and the recorded information.
If input/output control unit 122 judges that the content input from AV plate 122 is content that does not need to be protected (the record order for the input content is an order for content that does not need to be protected), ciphering unit 254 encrypts the content with the piece key for content that does not need to be protected, which is produced from at least the dish key obtained from the RKB. The reason for using the dish key obtained from the RKB is to exclude unauthorized drivers. The piece key for content to be protected and the piece key for content that does not need to be protected are produced by the piece key generation processing each time CD 141 is loaded into driver 111; this processing is described below with reference to Figure 26. The generated piece keys are then stored in the internal memory (not shown) of ciphering unit 154.
The piece key generation processing performed by content protecting device 411 shown in Figure 24 is described below with reference to Figure 26.
At step S241, record/read-out processor 123 waits for CD 141 to be loaded into driver 111. If it is judged at step S241 that CD 141 has been loaded, then at step S242, record/read-out processor 123 reads the dish ID and the RKB (dish information) recorded on CD 141 and supplies them to content protecting device 411.
At step S243, RKB processor 252 obtains the dish key using the supplied RKB and the device ID and device key stored in the internal memory. This processing is similar to that of step S123 of Figure 16, so its detailed description is omitted.
At step S244, key generator 253 generates the piece key for content to be protected, using the dish ID supplied from record/read-out processor 234, the dish key generated at step S243, and the recorded information of the content protecting device, and stores the generated piece key in the internal memory of ciphering unit 254.
At step S245, key generator 253 generates the piece key for content that does not need to be protected, using at least the dish key produced at step S243, and stores the generated piece key in the internal memory of ciphering unit 254.
As described above, in content protecting device 411 shown in Figure 24, two types of piece key, one for content to be protected and one for content that does not need to be protected, are produced and stored each time CD 141 is loaded. Although the piece keys themselves are generated in the above explanation, the dish ID and the dish key used to produce the piece keys may instead be stored, and the piece key may then be generated according to the protection state of the content when the content is encrypted.
The record request processing performed by AV plate 112 is described below with reference to the flowchart of Figure 27. The record request processing shown in Figure 27 is similar to that shown in Figure 15, except that steps S103 and S104 of the record request processing of Figure 15 are omitted.
In driver 111, mutual verification to share the public key with AV plate 112 has already been performed when the processing of Figure 27 and the processing that follows it are carried out. At step S261, AV content handler 133 receives content. If AV content handler 133 judges at step S262 that the content is to be protected, then at step S263, mutual authentication unit 131 encrypts the content with the public key shared with driver 111. At step S264, the encrypted content is output to driver 111. If it is judged at step S264 that the content does not need to be protected, the content is output to driver 111 at step S264 without being encrypted (step S263 is skipped).
As described above, content to be protected is encrypted with the public key shared with driver 111 and output from AV plate 112. Content that does not need to be protected is output from AV plate 112 as it is. The recording processing that driver 111 shown in Figure 24 performs in response to this processing is described below with reference to the flowchart of Figure 28. Steps S301 to S304, steps S306 and S307, and steps S309 and S310 in Figure 28 are similar to steps S161 to S168 of Figure 18, so their detailed description is omitted.
At step S301, mutual authentication unit 121 of driver 111 receives content from AV plate 112 over bus 113.
At step S302, input/output control unit 122 judges, from the information supplied by mutual authentication unit 121, whether AV plate 112, which sent the content, has been mutually verified in driver 111. If it is judged that AV plate 112 has been mutually verified in driver 111, then at step S303, input/output control unit 122 judges whether the record order for the input content is for content that is to be protected on bus 113, according to whether the content input to mutual authentication unit 121 is encrypted with the public key.
If it is judged at step S303 that the record order for the input content is for content that is to be protected on bus 113, then at step S304, input/output control unit 122 controls mutual authentication unit 121 to decrypt the received content with the public key shared with AV plate 112 and to supply the content to content protecting device 411.
At step S305, ciphering unit 254 encrypts the supplied content with the piece key for content to be protected. As described with reference to Figure 26, this piece key has been stored in the memory of ciphering unit 254. Then, at step S306, input/output control unit 122 controls record/read-out processor 123 to generate protection information "0", which indicates that the content should be protected on bus 113, and to store it in UC(0, S) of the user control data associated with the content. At step S310, input/output control unit 122 controls record/read-out processor 123 to record the protection information on CD 141 together with the content encrypted with the piece key for content to be protected.
On the other hand, suppose, for example, that content stored in HDD 114, which has no mutual authentication unit, is input. In this case, at step S301, the content from HDD 114 is received over bus 113 by mutual authentication unit 121. At step S302, it is judged that the equipment that sent this content has not been mutually verified in equipment 111. At step S307, input/output control unit 122 judges whether the record order for the input content is an order for content that is to be protected on bus 113, according to whether the content input to mutual authentication unit 121 is encrypted with the public key.
If it is judged at step S303 or S307 that the record order for the input content is for content that need not be protected on bus 113, the process advances to step S308. At step S308, ciphering unit 254 encrypts the content supplied from mutual authentication unit 121 with the piece key for content that does not need to be protected. As described with reference to Figure 26, this piece key has been stored in the memory of ciphering unit 254.
At step S309, input/output control unit 122 controls record/read-out processor 123 to generate protection information "1", which indicates that the content need not be protected on bus 113, and to store it in UC(0, S) of the user control data corresponding to the content. At step S310, input/output control unit 122 controls record/read-out processor 123 to record the generated protection information on CD 141 together with the content.
If it is judged at step S307 that the record order for the input content is for content that is to be protected on bus 113, an error occurs and the recording processing of driver 111 is forcibly terminated. As described above, content to be protected that is supplied from the verified AV plate 112 is encrypted with the piece key obtained from the dish ID and the RKB, and is recorded on CD 141 together with protection information "0", which indicates that the content should be protected on bus 113. In contrast, content that does not need to be protected, whether supplied from the verified AV plate 112 or from the unverified HDD 114, is encrypted with the piece key obtained only from the RKB, and is recorded on CD 141 together with protection information "1", which indicates that the content need not be protected on bus 113. Content to be protected that comes from the unverified HDD 114 is not recorded on CD 141.
The content read processing of driver 111 shown in Figure 24 is described below with reference to the flowchart of Figure 29. Steps S321 to S325 and steps S327 to S330 in Figure 29 are similar to steps S191 to S200 of Figure 19, so their detailed description is omitted.
To output, from output unit 135 of AV plate 112, content to be protected that is recorded on CD 141, the user inputs a content sense command to AV plate 112 by operating the input block. Mutual authentication unit 131 of AV plate 112 sends the sense command to driver 111 over bus 113. At step S321, mutual authentication unit 121 receives the sense command from AV plate 112. If it is judged at step S322, based on the information from mutual authentication unit 121, that AV plate 112, which is to receive the content, has been mutually verified in driver 111, input/output control unit 122 judges at step S323 whether the sense command from AV plate 112 is for content that is to be protected.
If it is judged at step S323 that the sense command from AV plate 112 is for content that is to be protected, then at step S324, record/read-out processor 123 reads the specified content from CD 141. If input/output control unit 122 judges at step S325 that UC(0, S) of the user control data corresponding to this content is "0", the read content is found to be content that is to be protected on bus 113. At step S326, ciphering unit 254 decrypts the read content with the piece key for content to be protected, which is stored in the internal memory. At step S327, mutual authentication unit 121 encrypts the content supplied from ciphering unit 254 with the public key shared with AV plate 112 and outputs the content to AV plate 112 over bus 113.
In contrast, to store (record) in HDD 114 content that is recorded on CD 141 and does not need to be protected, the user inputs a content sense command to HDD 114 by operating the operation input block. HDD 114 sends this sense command to driver 111 over bus 113. Then, at step S321, mutual authentication unit 121 receives the sense command from HDD 114. At step S322, it is judged from the information supplied by mutual authentication unit 121 that the equipment to receive the content has not been mutually verified. Then, at step S328, it is judged whether the sense command from HDD 114 is an order for content that is to be protected.
If it is judged at step S323 or S328 that the sense command from HDD 114 is an order for content that does not need to be protected, then at step S329, record/read-out processor 123 reads the specified content from CD 141. Then, at step S330, input/output control unit 122 judges whether UC(0, S) of the user control data associated with this content is "1". If input/output control unit 122 judges at step S330 that the UC of the user control data associated with this content is "1", the read content is found to be content that need not be protected on bus 113. At step S331, ciphering unit 254 decrypts the content with the piece key for content that does not need to be protected, which is stored in the internal memory, and the content is output directly (as raw data) to AV plate 112 or HDD 114 through mutual authentication unit 121 and bus 113.
If it is judged at step S325 that UC(0, S) corresponding to this content is not "0", if it is judged at step S328 that the sense command from HDD 114 is an order for content that is to be protected, or if it is judged at step S330 that UC(0, S) corresponding to this content is not "1", an error occurs and the recording processing of driver 111 is forcibly terminated. As described above, in response to a sense command from the verified AV plate 112, content that is to be protected on bus 113 is encrypted with the public key and output to AV plate 112 over bus 113. Content that need not be protected on bus 113 is output directly to AV plate 112 over bus 113 (unencrypted). Then, at step S361 of Figure 30 (described below), mutual authentication unit 131 of AV plate 112 receives the content.
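The recording flow of Figure 28 and the read flow of Figure 29, modelled as an added Python example that is not part of the patent text: the driver derives both piece keys (block keys) when the disc is loaded, sets the protection bit in UC(0, S), and gates output on the verification status of the peer. The HMAC-SHA256 key derivation, the XOR keystream cipher, and all names and sample values are assumptions, since the page specifies neither algorithm; the dish key (disc key) is taken as already recovered from the RKB.

```python
import hashlib
import hmac
from dataclasses import dataclass

UCD_LEN = 18  # user control data is 18 bytes; UC(0, S) is its first byte


class DriveError(Exception):
    """Raised where the flowcharts end in an error and processing stops."""


def kdf(key: bytes, *parts: bytes) -> bytes:
    # Assumption: HMAC-SHA256 stands in for the unspecified key derivation.
    return hmac.new(key, b"|".join(parts), hashlib.sha256).digest()


def cipher(key: bytes, data: bytes) -> bytes:
    # Assumption: a SHA-256 counter keystream XOR stands in for the real cipher.
    # XOR is its own inverse, so the same call encrypts and decrypts.
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)


@dataclass
class Sector:
    ucd: bytes      # 18-byte user control data; protection bit is ucd[0] & 1
    payload: bytes  # content as stored on the disc (block-key encrypted)


class Drive:
    """Driver 111 of Figure 24 (content protecting device inside the driver)."""

    def __init__(self, disc_key, disc_id, rec_info, common_key):
        # Figure 26, S244/S245: both block keys are derived at disc load.
        self.k_protected = kdf(disc_key, b"protected", disc_id, rec_info)
        self.k_free = kdf(disc_key, b"free")  # depends on the disc key only
        self.common_key = common_key  # shared only with a verified peer

    def record(self, bus_data, sender_verified, bus_encrypted):
        """Figure 28: bus encryption marks the record order as 'protected'."""
        if bus_encrypted:
            if not sender_verified:  # S307: protected order, unverified sender
                raise DriveError("protected content from unverified sender")
            plain = cipher(self.common_key, bus_data)          # S304
            ucd = bytes([0]) + bytes(UCD_LEN - 1)              # S306: bit "0"
            return Sector(ucd, cipher(self.k_protected, plain))  # S305, S310
        ucd = bytes([1]) + bytes(UCD_LEN - 1)                  # S309: bit "1"
        return Sector(ucd, cipher(self.k_free, bus_data))      # S308, S310

    def read(self, sector, requester_verified, wants_protected):
        """Figure 29: returns (encrypted_on_bus, bytes placed on bus 113)."""
        bit = sector.ucd[0] & 1
        if wants_protected:
            if not requester_verified:  # S328
                raise DriveError("protected read from unverified requester")
            if bit != 0:                # S325
                raise DriveError("UC(0,S) is not 0")
            plain = cipher(self.k_protected, sector.payload)   # S326
            return True, cipher(self.common_key, plain)        # S327
        if bit != 1:                    # S330
            raise DriveError("UC(0,S) is not 1")
        return False, cipher(self.k_free, sector.payload)      # S331


def rejected(fn, *args) -> bool:
    """True if the call ends in the flowchart's error branch."""
    try:
        fn(*args)
    except DriveError:
        return True
    return False


if __name__ == "__main__":
    # Constructed sample values, not taken from the page.
    d = Drive(b"disc-key", b"disc-id-01", b"rec-info", b"common-key")
    s = d.record(cipher(b"common-key", b"protected stream"), True, True)
    print("UC(0,S) bit:", s.ucd[0] & 1)
    print("unverified read rejected:", rejected(d.read, s, False, False))
```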
The read processing of AV plate 112 that corresponds to the content read processing of driver 111 shown in Figure 29 is described below with reference to the flowchart of Figure 30. The read processing shown in Figure 30 is similar to that of Figure 20, except that steps S204 and S205 of the read processing shown in Figure 20 are omitted. At step S361, mutual authentication unit 131 receives content from driver 111. If it is judged at step S362 that the content is encrypted with the public key, that is, that the content is to be protected, then at step S363, the content is decrypted with the public key shared with driver 111.
If it is judged at step S362 that the content is not encrypted, that is, that the content does not need to be protected, the content does not need to be decrypted. The content therefore simply passes through the mutual authentication unit and content protecting device 132, and step S363 is skipped.
At step S364, AV content handler 133 decodes the content supplied from content protecting device 132, for example according to the MPEG method, and plays the content back. At step S365, output unit 135 outputs the played-back content.
As described above, both content to be protected on bus 113 and content that need not be protected on bus 113, recorded on CD 141, can be output from AV plate 112, which has been verified with driver 111.
Figure 31 illustrates another example of the configuration of the record/readout equipment of the present invention. The basic configuration of record/readout equipment 501 shown in Figure 31 is similar to that of record/readout equipment 401 shown in Figure 24, except that mutual authentication unit 121 of driver 111 in record/readout equipment 401 of Figure 24 is omitted from record/readout equipment 501 of Figure 31.
Therefore, in record/readout equipment 501 shown in Figure 31, even though driver 111 is connected to bus 113, it is not mutually verified in AV plate 112, because driver 111 has no mutual authentication function (the public key is not shared). Thus, although processing of content read requests from AV plate 112 is not executed in driver 111, driver 111 can still send content that does not need to be protected to HDD 114, which has no mutual authentication function, and receive such content from it.
The recording processing performed by driver 111 of record/readout equipment 501 is described below with reference to the flowchart of Figure 32. Steps S401 to S405 of Figure 32 are similar to step S301 and steps S307 to S310 of Figure 28, so their detailed description is omitted.
At step S401, record/read-out processor 123 receives content that does not need to be protected from HDD 114 over bus 113. At step S402, input/output control unit 122 judges, according to whether the content input to mutual authentication unit 121 is encrypted with the public key, that the record order for the input content is not an order for content that is to be protected on bus 113. At step S403, ciphering unit 254 encrypts the content with the piece key for content that does not need to be protected.
At step S404, record/read-out processor 123 generates protection information "1", which indicates that the content need not be protected on bus 113, and stores it in UC(0, S) of the user control data corresponding to the content. At step S405, record/read-out processor 123 records protection information "1" on CD 141 together with the content that does not need to be protected, which was supplied from HDD 114.
If content encrypted with the public key is input, and it is judged at step S402 that the record order for the input content is an order for content that is to be protected on bus 113, an error occurs and the recording processing of driver 111 is forcibly terminated. If the content is not encrypted with the public key but is encrypted by another method, it may be judged that the content need not be protected on bus 113.
As described above, content that does not need to be protected, supplied from HDD 114, which has no mutual authentication function, is recorded on CD 141.
The read processing performed by driver 111 in record/readout equipment 501 is explained below with reference to Figure 33. Steps S421 to S425 in Figure 33 are similar to step S321 and steps S328 to S331 of Figure 29, so their detailed description is omitted.
For example, to store (record) in HDD 114 content that is recorded on CD 141 and does not need to be protected, the user inputs a content sense command to HDD 114 by operating the input block. HDD 114 sends this sense command to driver 111 over bus 113. At step S421, the sense command from HDD 114 is input. If it is judged at step S422 that the sense command from HDD 114 is for content that does not need to be protected, the process advances to step S423. At step S423, record/read-out processor 123 reads the specified content from CD 141.
If input/output control unit 122 judges at step S424 that UC(0, S) of the user control data corresponding to this content is "1", the read content is found to be content that need not be protected on bus 113. At step S425, ciphering unit 254 decrypts the content with the piece key for content that does not need to be protected, and the content is output directly (as raw data) to AV plate 112 or HDD 114 through mutual authentication unit 121 and bus 113.
In contrast, if it is judged at step S422 that the command from HDD 114 is a sense command for content that is to be protected, or if it is judged at step S424 that UC(0, S) corresponding to this content is not "1", an error occurs, because content to be protected cannot be output to the unverified HDD 114. The recording processing of driver 111 is then forcibly terminated.
Thus, when protection information "1" is read out in response to a sense command from HDD 114, the read content, which does not need to be protected, is output directly to HDD 114 over bus 113 (unencrypted). Because content that need not be protected on bus 113 is not encrypted, it can be supplied to HDD 114 and stored.
Even if content from the unverified HDD 114 is marked as content to be protected, it is not recognized as content to be protected in driver 111. Only content that does not need to be protected can be handled in driver 111. A storage device that has not been verified and can handle only freely copyable content can therefore be used effectively.
Although the recording medium is CD 141 in the above description, it may be another type of recording medium, for example a memory card (registered).
The series of processing described above can be performed by hardware or by software. In this case, record/readout equipment 101 shown in Figure 4, record/readout equipment 301 shown in Figure 21, record/readout equipment 401 shown in Figure 24, or record/readout equipment 501 shown in Figure 31 can be constituted by, for example, record/readout equipment 601 shown in Figure 34.
In Figure 31, CPU (central processing unit) 611 performs various processing according to a program stored in ROM (read-only memory) 612 or a program loaded from HDD 619 into RAM (random access memory) 613. RAM 613 also stores, as appropriate, the data that CPU 611 needs to perform the various processing.
CPU 611, ROM 612 and RAM 613 are connected to one another by bus 614. An IO interface 615 is also connected to bus 614.
IO interface 615 is connected to AV plate 617, which controls the input and output of content; input block 617, which includes, for example, a keyboard and a mouse; output unit 618, which includes, for example, a display device such as a CRT (cathode-ray tube) or LCD (liquid crystal display) and a loudspeaker; HDD 619; and communication unit 620, which includes, for example, a modem or a terminal adapter. Communication unit 620 performs communication processing over the bus or a network (not shown).
Where necessary, a driver 630 is connected to IO interface 615. Disk 631, CD 632, magneto-optic disk 633 or semiconductor memory 634 is loaded into driver 630 as appropriate, and a computer program read from such a storage medium is installed in HDD 619 where necessary.
If above-mentioned processing sequence is carried out by software, then corresponding software programs be loaded in the computing machine that is built as specialized hardware by network or recording medium or be loaded into can be by carrying out computing machine for example in the multi-purpose computer from various functions to the various programs of wherein packing into.
Described recording medium comprises the wherein routine package medium (packagemedium) of logging program, (comprise MD (mini-disk by disk 631 (comprising floppy disk), CD 632 (comprising CD-ROM (compact disc read-only memory) and DVD (digital universal disc)), magneto-optic disk 633 as shown in figure 34, mini disk) (registered)) or semiconductor memory 634 formations, they can be distributed to be independent of described equipment and provide described program to the user.Described recording medium also comprises the wherein ROM612 or the HDD619 of logging program, and they can provide to the user under the situation in the equipment of being integrated into.
If the optical disc 141 shown in Fig. 4, which is used to record or read content and protection information, is a disc-shaped recording medium, for example a DVD, CD-R or another type of optical disc, an MO or another type of magneto-optical disk, or a magnetic disk, then information is recorded by forming pits or marks, according to the recording waveform of the data, on "data tracks" arranged concentrically or spirally on the disc surface. For example, in media on which data is recorded by stamping, such as CD-ROM or DVD-ROM, pits, that is, physical depressions, are formed on the surface. In contrast, in write-once or rewritable media, such as CD-R, CD-RW, DVD-R, DVD-RW or DVD-RAM, no depressions are formed; instead, a laser is used to cause a chemical change in a phase-change film in the medium, thereby forming marks rather than depressions.
When recorded data is read, the laser light for reading data emitted from the read/write head is reflected by the surface of the medium, and the reflected light changes according to the presence or absence of a pit or mark, whereby the data is read.
Methods of identifying recorded data include the "mark position recording method" and the "mark edge recording method". In the former, the presence or absence of a pit represents the bit data; in the latter, the presence of a pit inverts the bit.
In the second method, a pit read with a constant reflectance is identified as "0", and a pit at which the reflectance changes is identified as "1". By reducing the waste of data track when data is recorded, this method helps to shorten the pit length.
The method of recording and reading information on a disc-shaped recording medium, for example the magnetic disk 631, the optical disc 632, the magneto-optical disk 633, the ROM 612 or the HDD 619 described with reference to Figure 34, is similar to the recording and reading method for the optical disc 141.
The steps forming the program recorded on the recording medium may be executed in the chronological order described in this specification. However, they may also be executed concurrently or individually.
In this specification, a system means the whole of an apparatus formed by a plurality of devices.
Industrial applicability
As can be seen from the foregoing description, according to the present invention, content can be protected flexibly according to whether the content should be protected. In addition, according to the present invention, unauthorized copying of content can be prevented. Data can also be stored in the storage device of a PC.

Claims (31)

1. A recording system in which an input device and a recording device are connected to each other by a bus, wherein:
the input device comprises judgment means for judging whether input content needs to be protected,
the recording device comprises recording means for recording on a recording medium, together with the content, protection information in each user control data, the protection information indicating, according to the judgment result obtained by the judgment means, whether the content needs to be protected when transmitted on the bus,
wherein the user control data is recorded for each 2048-byte frame of the content.
2. The recording system as claimed in claim 1, characterized in that the recording device further comprises encryption means which, when the judgment means judges that the content is to be protected, encrypts the content using the ID of the recording medium and a recording medium key.
3. The recording system as claimed in claim 1, characterized in that the recording device further comprises encryption means which, when the judgment means judges that the content is not to be protected, encrypts the content using at least the recording medium key of the recording medium.
4. The recording system as claimed in claim 1, characterized in that each of the input device and the recording device further comprises authentication means for mutual authentication.
5. The recording system as claimed in claim 1, characterized in that:
the input device further comprises first encryption means which, when the judgment means judges that the content needs to be protected, encrypts the content before the content is sent to the bus; and
the recording device further comprises second encryption means which, when the judgment means judges that the content needs to be protected, encrypts the content before the recording means records the content.
6. The recording system as claimed in claim 5, characterized in that, if the judgment means judges that the content does not need to be protected, the first encryption means prohibits the content from being encrypted before it is sent to the bus.
7. A recording method for a recording system in which an input device and a recording device are connected to each other by a bus, wherein:
the input device judges whether input content needs to be protected; and
the recording device records on a recording medium, together with the content, protection information in each user control data, the protection information indicating, based on the judgment result, whether the content needs to be protected when transmitted on the bus,
wherein the user control data is recorded for each 2048-byte frame of the content.
8. A recording device for recording information on a recording medium, comprising:
authentication means for mutual authentication with a first device connected to the recording device by a bus;
decryption means for decrypting content that is provided from the first device via the bus and is encrypted with a first encryption method; and
recording means for recording on the recording medium, together with the content decrypted by the decryption means, protection information in each user control data, the protection information indicating whether the content is to be protected when transmitted on the bus,
wherein the user control data is recorded for each 2048-byte frame of the content.
9. The recording device as claimed in claim 8, further comprising encryption means for encrypting the decrypted content with a second encryption method.
10. The recording device as claimed in claim 9, characterized in that the encryption means encrypts the decrypted content with the ID of the recording medium and a recording medium key.
11. The recording device as claimed in claim 8, characterized in that, when the content provided from the first device via the bus has not been encrypted with the first encryption method, the recording means records the content together with protection information indicating whether the content is protected when transmitted on the bus.
12. A recording method for a recording device that records information on a recording medium, comprising:
an authentication step of performing mutual authentication with a first device connected to the recording device by a bus;
a decryption step of decrypting encrypted content provided from the first device via the bus; and
a recording step of recording on the recording medium, together with the content decrypted by the processing of the decryption step, protection information in each user control data, the protection information indicating whether the content needs to be protected when transmitted on the bus,
wherein the user control data is recorded for each 2048-byte frame of the content.
13. An input device to which content is input, comprising:
authentication means for mutual authentication with a recording device connected to the input device by a bus;
first encryption means for encrypting the content with a first encryption method according to protection information, in each user control data, indicating whether the input content is to be protected when transmitted on the bus; and
providing means for providing the content encrypted by the first encryption means to the recording device via the bus,
wherein the user control data is recorded for each 2048-byte frame of the content.
14. The input device as claimed in claim 13, further comprising second encryption means for encrypting, with a second encryption method, the content encrypted by the first encryption means.
15. The input device as claimed in claim 14, characterized in that one of the first encryption means and the second encryption means encrypts the content with the ID of the recording medium and a recording medium key.
16. An input method for an input device to which content is input, comprising:
an authentication step of performing mutual authentication with a recording device connected to the input device by a bus;
an encryption step of encrypting the content according to protection information, in each user control data, indicating whether the input content is to be protected when transmitted on the bus; and
a providing step of providing the content encrypted by the processing of the encryption step to the recording device via the bus,
wherein the user control data is recorded for each 2048-byte frame of the content.
17. A readout system in which a readout device and an output device are connected to each other by a bus,
the readout device comprising:
readout means for reading, from a recording medium, content and protection information in each user control data, the protection information indicating whether the content is to be protected when transmitted on the bus, wherein the user control data is recorded for each 2048-byte frame of the content; and
transmission control means for controlling the transmission of the content to the output device on the bus according to the protection information read by the readout means;
the output device comprising output means for outputting the content transmitted by the transmission control means to the outside.
18. The readout system as claimed in claim 17, characterized in that the protection information is recorded in a plurality of predetermined units of the content.
19. The readout system as claimed in claim 18, characterized in that the predetermined unit is 2048 bytes.
20. The readout system as claimed in claim 17, characterized in that the readout device further comprises decoding means for decoding the content read by the readout means.
21. The readout system as claimed in claim 17, characterized in that the readout device further comprises authentication means for authenticating a device on the bus.
22. The readout system as claimed in claim 21, characterized in that:
the readout device further comprises encryption means for encrypting the content before the content is sent to the bus, when the protection information indicates that the content needs to be protected when transmitted on the bus and the output device on the bus has been authenticated by the authentication means; and
the output device further comprises first decryption means for decrypting the content encrypted by the encryption means.
23. The readout system as claimed in claim 22, characterized in that the output device further comprises second decryption means for decrypting the content decrypted by the first decryption means, using the ID of the recording medium and a recording medium key.
24. The readout system as claimed in claim 21, characterized in that, when the protection information indicates that the content is to be protected when transmitted on the bus and the device on the bus has not been authenticated by the authentication means, the transmission control means prohibits the content from being transmitted to the device on the bus.
25. A readout method for a readout system in which a readout device and an output device are connected to each other by a bus, wherein:
the readout device reads, from a recording medium, content and protection information in each user control data, the protection information indicating whether the content is to be protected when transmitted on the bus, and controls the transmission of the content to the output device on the bus according to the protection information read, wherein the user control data is recorded for each 2048-byte frame of the content;
the output device outputs the content transmitted by the readout device to the outside.
26. A readout device for reading content from a recording medium and providing the content to a first device via a bus, comprising:
readout means for reading, from the recording medium, content and protection information in each user control data, the protection information indicating whether the content is to be protected when transmitted on the bus, wherein the user control data is recorded for each 2048-byte frame of the content; and
output control means for controlling the output of the content to the first device via the bus according to the protection information read by the readout means.
27. The readout device as claimed in claim 26, characterized in that the protection information is recorded in a plurality of predetermined units of the content.
28. The readout device as claimed in claim 27, characterized in that one predetermined unit is 2048 bytes.
29. The readout device as claimed in claim 26, further comprising:
authentication means for authenticating the first device; and
encryption means for encrypting the content,
wherein, when the protection information indicates that the content needs to be protected when transmitted on the bus and the first device has been authenticated by the authentication means, the encryption means encrypts the content before the content is sent to the bus.
30. The readout device as claimed in claim 29, characterized in that, when the protection information indicates that the content is to be protected when transmitted on the bus and the first device has not been authenticated by the authentication means, the output control means prohibits the content from being output to the bus.
31. A readout method for a readout device that reads content from a recording medium and provides the content to a first device via a bus, the readout method comprising:
a readout step of reading, from the recording medium, content and protection information in each user control data, the protection information indicating whether the content is protected when transmitted on the bus, wherein the user control data is recorded for each 2048-byte frame of the content; and
an output control step of controlling the output of the content to the first device via the bus according to the protection information read in the readout step.
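The per-frame recording of protection information (claims 1 and 8) and the output control on the readout side (claims 22, 24 and 26 to 31), as an added sketch that is not part of the patent text. The 18-byte user control data size, the bit position of the protection information, the function names, the SHA-256 keystream used as a stand-in bus cipher, and the fail-closed handling of malformed frames are all assumptions made for illustration.

```python
from __future__ import annotations

import hashlib
from dataclasses import dataclass

FRAME_SIZE = 2048    # content bytes per frame (figure taken from the claims)
UCD_SIZE = 18        # ASSUMED size of the user control data kept per frame
PROTECT_BIT = 0x01   # ASSUMED position of the protection information: bit 0 of byte 0


@dataclass
class Frame:
    ucd: bytes    # user control data recorded with this frame
    data: bytes   # 2048 bytes of content


def record_frames(content: bytes, needs_protection: bool) -> list[Frame]:
    """Recording side: split content into 2048-byte frames and write the
    protection information into the user control data of every frame."""
    flag = PROTECT_BIT if needs_protection else 0
    frames = []
    for off in range(0, len(content), FRAME_SIZE):
        chunk = content[off:off + FRAME_SIZE].ljust(FRAME_SIZE, b"\x00")
        frames.append(Frame(bytes([flag]) + bytes(UCD_SIZE - 1), chunk))
    return frames


def bus_crypt(key: bytes, frame_no: int, data: bytes) -> bytes:
    """Stand-in bus cipher (NOT the patent's encryption method): XOR with a
    SHA-256 counter keystream. Applying it twice restores the input."""
    out = bytearray()
    for block in range(0, len(data), 32):
        seed = key + frame_no.to_bytes(4, "big") + block.to_bytes(4, "big")
        stream = hashlib.sha256(seed).digest()
        out += bytes(a ^ b for a, b in zip(data[block:block + 32], stream))
    return bytes(out)


def output_control(frames, peer_authenticated: bool, bus_key: bytes | None):
    """Readout side: decide per frame what may be placed on the bus.

    Returns a list of (action, payload) tuples where action is
    "clear", "encrypted" or "blocked" (payload is None when blocked)."""
    results = []
    for n, frame in enumerate(frames):
        # Assumption beyond the claims: a frame whose protection information
        # cannot be read reliably is never released (fail closed).
        if len(frame.ucd) != UCD_SIZE or len(frame.data) != FRAME_SIZE:
            results.append(("blocked", None))
            continue
        protected = bool(frame.ucd[0] & PROTECT_BIT)
        if not protected:
            # Freely copyable content may go to any device on the bus.
            results.append(("clear", frame.data))
        elif peer_authenticated and bus_key:
            # Protected content, authenticated peer: encrypt before sending.
            results.append(("encrypted", bus_crypt(bus_key, n, frame.data)))
        else:
            # Protected content, unauthenticated peer: output is prohibited.
            results.append(("blocked", None))
    return results


if __name__ == "__main__":
    key = b"\x11" * 16                       # constructed sample bus key
    movie = record_frames(b"A" * 3000, True)  # constructed protected content
    memo = record_frames(b"free text", False)
    print([a for a, _ in output_control(movie, False, None)])
    print([a for a, _ in output_control(movie, True, key)])
    print([a for a, _ in output_control(memo, False, None)])
```
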
CNB2003801001340A 2002-11-20 2003-10-28 Recording system and method, recording device and method, input device and method, reproduction system and method, reproduction device and method, recording medium, and program Expired - Fee Related CN100458740C (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2002336754 2002-11-20
JP336754/2002 2002-11-20

Publications (2)

Publication Number Publication Date
CN1685322A CN1685322A (en) 2005-10-19
CN100458740C true CN100458740C (en) 2009-02-04

Family

ID=32321813

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB2003801001340A Expired - Fee Related CN100458740C (en) 2002-11-20 2003-10-28 Recording system and method, recording device and method, input device and method, reproduction system and method, reproduction device and method, recording medium, and program

Country Status (9)

Country Link
US (1) US7894603B2 (en)
EP (1) EP1564641B1 (en)
JP (1) JP4543927B2 (en)
KR (1) KR100990191B1 (en)
CN (1) CN100458740C (en)
AU (1) AU2003275695A1 (en)
BR (1) BR0306937A (en)
TW (1) TWI253068B (en)
WO (1) WO2004046936A1 (en)

Families Citing this family (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100985784B1 (en) * 2003-05-02 2010-10-06 엘지전자 주식회사 Method for authenticating an interactive optical disc
US20050078822A1 (en) * 2003-10-08 2005-04-14 Eyal Shavit Secure access and copy protection management system
JP4319094B2 (en) 2004-06-11 2009-08-26 ソニー株式会社 Data processing apparatus, data processing method, program, program recording medium, and data recording medium
US20090185467A1 (en) * 2004-09-28 2009-07-23 Koninklijke Philips Electronics, N.V. Method and device for storing data on a record medium and for transferring information
JP4403400B2 (en) 2004-10-01 2010-01-27 ソニー株式会社 Information processing apparatus and method, and program
US7958369B2 (en) * 2004-10-22 2011-06-07 Hewlett-Packard Development Company, L.P. Systems and methods for multiple level control of access of privileges to protected media content
US9489496B2 (en) 2004-11-12 2016-11-08 Apple Inc. Secure software updates
US7809949B2 (en) * 2005-07-26 2010-10-05 Apple Inc. Configuration of a computing device in a secure manner
US8090105B2 (en) * 2004-11-24 2012-01-03 International Business Machines Corporation Broadcast encryption with dual tree sizes
JP4774734B2 (en) * 2004-12-14 2011-09-14 ソニー株式会社 Information processing apparatus, information recording medium, information processing method, and computer program
CN100426405C (en) * 2006-01-19 2008-10-15 华中科技大学 Data scrambling and decoding method for optic disc storage
KR100890720B1 (en) * 2006-10-25 2009-03-27 이니텍(주) Method for Selectively Encrypting Web Contents and Computer-Readable Recording Medium Where Program Executing the Same Method
JP2009054255A (en) * 2007-08-29 2009-03-12 Hitachi Ltd Optical disk drive, data recording/reproducing device
US9003197B2 (en) * 2008-03-27 2015-04-07 General Instrument Corporation Methods, apparatus and system for authenticating a programmable hardware device and for authenticating commands received in the programmable hardware device from a secure processor
US20100229069A1 (en) * 2008-07-01 2010-09-09 Takahiro Yamaguchi Drive device, content reproduction device, recording device, data readout method, program, recording medium, and integrated circuit
US8842840B2 (en) 2011-11-03 2014-09-23 Arvind Gidwani Demand based encryption and key generation and distribution systems and methods
US20140056438A1 (en) * 2012-08-21 2014-02-27 Harman International Industries, Incorporated System for vehicle sound synthesis
US8643168B1 (en) 2012-10-16 2014-02-04 Lattice Semiconductor Corporation Integrated circuit package with input capacitance compensation

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1241776A (en) * 1998-07-03 2000-01-19 日本先锋公司 Recording and reproducing system, recording apparatus and reproducing apparatus having copy protection function
CN1242570A (en) * 1998-07-03 2000-01-26 日本先锋公司 Recording and reproducing system, recording apparatus and reproducing apparatus having copy protection function
CN1292922A (en) * 1998-11-02 2001-04-25 松下电器产业株式会社 Recording/reproducing apparatus, program recorded medium, recorded medium, cache device and transmitter
CN1307284A (en) * 2000-01-21 2001-08-08 日本胜利株式会社 Method, device and medium for transfering and recording content information and decipher method and device
EP1187391A2 (en) * 2000-09-07 2002-03-13 Sony Corporation Encrypted information recording

Family Cites Families (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR0166923B1 (en) 1995-09-18 1999-03-20 구자홍 Method and apparatus of preventing an illegal watching and copying in a digital broadcasting system
CN1316490C (en) * 1995-10-09 2007-05-16 松下电器产业株式会社 Content reproduction apparatus and method
DE69634850T2 (en) * 1995-10-09 2006-05-18 Matsushita Electric Industrial Co., Ltd., Kadoma INFORMATION RECEIVING CARRIER, INFORMATION REPRODUCER AND INFORMATION REPRODUCTION PROCESS
JP4106740B2 (en) 1998-02-18 2008-06-25 ソニー株式会社 Information recording apparatus and method, information reproducing apparatus and method, and program recording medium
JP4113306B2 (en) * 1998-07-22 2008-07-09 松下電器産業株式会社 DIGITAL DATA RECORDING DEVICE AND METHOD, AND COMPUTER-READABLE RECORDING MEDIUM CONTAINING THE PROGRAM
JP2000057713A (en) * 1998-08-05 2000-02-25 Mitsubishi Electric Corp Method for managing defect of optical disk and optical disk device and optical disk
JP2000285027A (en) * 1999-03-29 2000-10-13 Matsushita Electric Ind Co Ltd Cache device, transmitting device and program recording medium
JP3389186B2 (en) * 1999-04-27 2003-03-24 松下電器産業株式会社 Semiconductor memory card and reading device
JP4045393B2 (en) * 1999-06-01 2008-02-13 ソニー株式会社 Information signal duplication management method and information signal recording apparatus
JP4153629B2 (en) * 1999-09-29 2008-09-24 株式会社東芝 Editing audio information with still images
JP3973346B2 (en) 2000-07-06 2007-09-12 株式会社日立製作所 CONTENT DISTRIBUTION SYSTEM, CONTENT REPRODUCTION DEVICE, CONTENT DISTRIBUTION DEVICE, AND STORAGE MEDIUM
JP2002093057A (en) * 2000-09-19 2002-03-29 Sony Corp Optical disk, optical disk playback device, optical disk playback method, optical disk recorder, optical disk recording method, and recording medium
JP4156188B2 (en) * 2000-10-20 2008-09-24 パイオニア株式会社 Information output device, information output method, information recording device, information recording method, information output recording system, information output recording method, and information recording medium
JP2002132457A (en) 2000-10-26 2002-05-10 Victor Co Of Japan Ltd Information recording device, information reproducing device and information recording/reproducing device
WO2002087090A1 (en) * 2001-04-19 2002-10-31 Koninklijke Philips Electronics N.V. Method and device for encoding information words, method and device for decoding information words, storage medium and signal
TW566041B (en) * 2001-07-06 2003-12-11 Hitachi Ltd Digital data recording device and output device
KR20040044560A (en) * 2001-10-26 2004-05-28 마츠시타 덴끼 산교 가부시키가이샤 Key management apparatus
US6952479B2 (en) * 2001-11-27 2005-10-04 Macrovision Europe Limited Dynamic copy protection of optical media
US6999390B2 (en) * 2002-05-06 2006-02-14 Samsung Electronics Co., Ltd. Optical disk and method of recording data in the same
US7107461B2 (en) * 2002-06-03 2006-09-12 Sony Computer Entertainment America, Inc. Methods and apparatus for customizing a rewritable storage medium

Also Published As

Publication number Publication date
KR20050072668A (en) 2005-07-12
JP4543927B2 (en) 2010-09-15
US7894603B2 (en) 2011-02-22
CN1685322A (en) 2005-10-19
KR100990191B1 (en) 2010-10-29
TW200418013A (en) 2004-09-16
AU2003275695A1 (en) 2004-06-15
EP1564641A1 (en) 2005-08-17
WO2004046936A1 (en) 2004-06-03
EP1564641A4 (en) 2011-11-02
US20050144465A1 (en) 2005-06-30
JPWO2004046936A1 (en) 2006-03-16
TWI253068B (en) 2006-04-11
BR0306937A (en) 2004-12-14
EP1564641B1 (en) 2018-09-19

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20090204

Termination date: 20151028

EXPY Termination of patent right or utility model